r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7433
Expires: Sun, 29 Jan 2023 03:40:40 GMT
Date: Sun, 29 Jan 2023 01:36:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9576
Expires: Sun, 29 Jan 2023 04:16:23 GMT
Date: Sun, 29 Jan 2023 01:36:47 GMT
Connection: keep-alive
cloudcastlemunnar.com/
302 Found 214 B IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9f05839c0ec4c55bc94faf05a6b89c5f
6062a4a12ee0339646a53fe5a2c04a1c16c1db5f
c6f0f61238d49fad4d7aae5a0c1188ea39ca1a85bd4ff594baa4baceff1c5c14
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 29 Jan 2023 01:36:47 GMT
Server: Apache
Location: https://cloudcastlemunnar.com/
Content-Length: 214
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 00:43:07 GMT
content-type: application/json
age: 3220
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4636
Expires: Sun, 29 Jan 2023 02:54:03 GMT
Date: Sun, 29 Jan 2023 01:36:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8Fz8j7gbDMk1tc+ESXd1PtWe3d+Hr5495T+HSpk3pKGeZCjLz3uaU9rWmI3OEz/j4olhBEHtB1nGuUW/41INbg==
x-amz-request-id: DF22N65G36X2KP1X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 00:50:07 GMT
age: 2800
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 01:36:47 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 00:49:03 GMT
age: 2864
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash af2be171466750e788e294862f2666f9
831b1f7ce2b8402c08d40af97a534c7314386974
0c22a6508aad7c758291ea97a7c50543fa3b9268fc6f84f84c53543c56e256bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C22A6508AAD7C758291EA97A7C50543FA3B9268FC6F84F84C53543C56E256BC"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 07:36:47 GMT
Date: Sun, 29 Jan 2023 01:36:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8347
Expires: Sun, 29 Jan 2023 03:55:54 GMT
Date: Sun, 29 Jan 2023 01:36:47 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1fyw9v/WcaIxvF2lESi9FA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bN1p8KZgn7+NLtPX47AjiItjDN0=
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 01:36:48 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 183244
expires: Fri, 19 Jan 2024 01:36:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbCvLGk562rbAOKRm4ReiYZZzk5RrCcDmZkeLsG1oKaPQo81MxaTUPiRkskKVeSc2awnazZ0lk%2Bb7P9aXt3VJVLwcljqEiN2okbwsAkqHx32gzkLBTmo901d2pya7LDGoWaQtbIr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 790e3d2f7e731c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
IP
File type ASCII text, with very long lines (32014)
Hash b0a538eca8603c37c15e4ccd04500c57
f89f4099777ae63be4e09fee2b1227bc6874fd73
917decede324477626db7f615c8ee595556bafb7a875bdc9d3c3b1b94b345307
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 01:36:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 27198
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1514f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7543676
expires: Fri, 19 Jan 2024 01:36:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK%2FOBDY4wL%2BPs%2BWwATV94JBVhs980gM1P79TWSdJJMaHJ3e8qnVGGm%2FIsR9XAJV2r3wIynG20jZoi7n63DCVKVK55DTTW9aU%2FxJnDUbsHoZpR8pJBkFyOkhISJdPhQ86eN4xRnNs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 790e3d2f9e7d1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.usertrust.com/
200 OK 472 B IP
Hash fb72edf12d3bf8bd927e58e0d54f9058
00cc40f801f276ba12057a789412c797a0b3953c
107cee418f8c696948071299cace8f7298a91715bc58182b08d57868a4120be1
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 01:36:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 22:26:12 GMT
Expires: Fri, 03 Feb 2023 22:26:11 GMT
Etag: "00cc40f801f276ba12057a789412c797a0b3953c"
Cache-Control: max-age=602961,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1131
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790e3d300eaa1c02-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cloudcastlemunnar.com/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.17
200 OK 5.4 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.17
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (29458), with no line terminators
Hash 610ae8ebe6d66ed9b96e3000e12fe22e
d05b2668e49eca8ac5fe664a0c48e0846fc412fb
6f256ffae93f49ae56181f2efbb682b7481d7d433ed626306e237ca25055067d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/foobox-image-lightbox/free/css/foobox.free.min.css?ver=2.7.17 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Aug 2022 08:58:04 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5433
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.trustindex.io/loader.js?ver=6.1.1
200 OK 7.1 kB URL HTTP/2 cdn.trustindex.io/loader.js?ver=6.1.1
IP
File type ASCII text, with very long lines (904)
Hash da1e6b25d7b71ee46815c8ef4c5bd599
0d1b03512a80454388487e7491536f87237a1174
354da712aad1f32fcc30b8a11ba87484f433aaea7bbe8fe99dcbe3b565274e63
GET /loader.js?ver=6.1.1 HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7082
server: Apache/2.4.29 (Ubuntu)
last-modified: Wed, 25 Jan 2023 14:25:55 GMT
accept-ranges: bytes
content-encoding: gzip
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
date: Sat, 28 Jan 2023 11:53:15 GMT
etag: "65e1-5f3176905f39c-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xJPxAR4RX4mPJqjcog5KJHZ5Y3trkyw6tWYO8v-380kB_3T256g8OQ==
age: 49414
X-Firefox-Spdy: h2
cloudcastlemunnar.com/
200 OK 49 kB IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16662), with CRLF, LF line terminators
Hash 613976a41c5f68be881d08c77e3c88be
f13fb948742bdeaafe7cce5318b60663614bc4c5
2896d301eec2c5cf468883a731ffbc365ea18f305213e162e7c23fee186b36d3
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:47 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/inc/assets/icons/wpr-icons.css?ver=3.1.7.4
200 OK 2.2 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/inc/assets/icons/wpr-icons.css?ver=3.1.7.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 4df2415039efcbea36ac2a91397d04a8
816d2b7a0f08272cdf5e9a967a9fc81b8f94dc86
ef4173ed2b55a88b4a2d8966d2741cf5e95b76cc7ad8bc4abb69689d1d14a698
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/inc/assets/icons/wpr-icons.css?ver=3.1.7.4 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 13:36:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2180
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/css/wpr-hamburger.css?ver=3.1.7.4
200 OK 4.0 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/css/wpr-hamburger.css?ver=3.1.7.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash af18ece3d8bd73dbf9956633b437e5a4
d5b0e961f6e83e970287f2019bbf39b31383b545
dfe7ae007a88d923936a251caae38a5d31b2367a9ef3e5dfad75c3a97aad048f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/assets/css/wpr-hamburger.css?ver=3.1.7.4 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 13:36:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3951
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/maxmegamenu/style.css?ver=918bbd
200 OK 9.0 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/maxmegamenu/style.css?ver=918bbd
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (990)
Hash 1410c33e4d068f49912c74a8d88762f2
00b001b650fc8150658babe7418f82afafe4d5ac
6ba26e6a1a7fbe26bddffc5946b0a6783c6832db51df680755714d58da574664
GET /wp-content/uploads/maxmegamenu/style.css?ver=918bbd HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:15 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9015
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-140072568-1
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-140072568-1
IP
File type ASCII text, with very long lines (1759)
Hash 0336fa9b7e7654d22684f375b095994f
7c8465738a71f9fdbf4fa4eb429641b4a1a83d85
6319217351dd65628d052d86f5da89467b50fb496cd33c9903506a76f2dd7967
GET /gtag/js?id=UA-140072568-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 01:36:48 GMT
expires: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-NK213R6LHH
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NK213R6LHH
IP
File type ASCII text, with very long lines (19467)
Hash 3f3f48c76e44743081efcc4f7c4c44e7
0d2d4cf6a6e01228727200d5a426a152b8f7c2f7
a6623cb8d5b9da8826b83e853009a077191950ceaaf517bd2927003888fcf87a
GET /gtag/js?id=G-NK213R6LHH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 01:36:48 GMT
expires: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77194
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.trustindex.io/assets/platform/Google/logo.svg
200 OK 1.4 kB URL HTTP/2 cdn.trustindex.io/assets/platform/Google/logo.svg
IP
Hash 1c8626f52297d0adc2284625b943d88e
a93b8a0494ea139ae0754a5646cd6ec783724615
55cdc61111c54f1e2d72c4b80756ff3e794f256bf4b46197a6f7d4657a707d01
GET /assets/platform/Google/logo.svg HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 07 Jan 2023 01:21:29 GMT
server: Apache/2.4.29 (Ubuntu)
last-modified: Tue, 22 Feb 2022 22:43:27 GMT
etag: W/"819-5d8a313da09a9"
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: max-age=31536000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SYvnWLY8so7ikzkmWDPwRP4-wzq-RqVgivvjx-CKkQCT_rva2sgYhw==
age: 1901719
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/style.css?ver=20190507
200 OK 18 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/style.css?ver=20190507
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d75c089ed508dd4e09796b87dac9a92b
f5d12f12cd990528fd795b4b8509815f1bcdd9cf
0c69daffbf856e3bb6e1f7e370c5c462faa2a2cac6ea3de02d92b880b48665ff
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/style.css?ver=20190507 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Mar 2022 10:16:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17890
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/css/blocks.css?ver=20190105
200 OK 2.3 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/css/blocks.css?ver=20190105
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash ef6cb7bc0b96d7a6554f31c997ee99c1
04ed1a84ff980fe3926a8b7d75df7ff327aa90c8
da276a933e7e4d02691f2de7933929cbbd8007dd1e9baa35fc33296e6da80b42
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/assets/css/blocks.css?ver=20190105 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2266
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=23139749
200 OK 5.4 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=23139749
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (22153), with no line terminators
Hash a3ec6661882ea4519d77efb35cbe392a
372c2766535a7e19cd00c4f71a83b98b78aac1ff
0672273a4560b77ee94698c9954c0824de0d9e44459bcaae610ef3ce4446bfe6
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=23139749 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 18:19:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5373
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/dist/lity.css
200 OK 1.3 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/dist/lity.css
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a5a9560ff1bb9f528b45e76e4c5fa5d6
9c27159cdcc7b3d9e562c28311b82f2fd68c2d32
cf6d22d342613c9a4050a02415e40be8d162c265e4f03de7adeebb4735ab221c
GET /wp-content/themes/cloudcastle/dist/lity.css HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1257
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=23139749
200 OK 604 B URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=23139749
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1248), with no line terminators
Hash 6b949bd4839843940747f7af3c2619b0
bba19a35ed063ddfcd0ac0e2ededc9e18ac6ece3
210a73e22bd968ce347ce9609f3c19dd9def4c2f0427c520aa90cfa1a5b2c47c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=23139749 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 18:19:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 604
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 5.3 kB URL HTTP/2 cloudcastlemunnar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 11:26:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/trustindex-google-widget.css?ver=1671522974
200 OK 4.7 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/trustindex-google-widget.css?ver=1671522974
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19798), with no line terminators
Hash 897839b4f87ce3fa11c19f602afa01bb
4a5b3daf659d70cd4260324801099a1766684ecc
4ccd2fedc9760d2b6eb13c22dd2e6a2bad74b495776bb512b6ba38fc07f009a1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/trustindex-google-widget.css?ver=1671522974 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 20 Dec 2022 07:56:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4732
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/js/jquery.touchSwipe.min.js?ver=3.1.7.4
200 OK 4.2 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/js/jquery.touchSwipe.min.js?ver=3.1.7.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (10290), with no line terminators
Hash 27ef4b492c4e60662793ac6d973acdbf
3ff99624018e8df3e560dfe631c0b60d20848040
23a97ad363b7dd5fe935ab025fe05582f7bfe27569d213270dc80986cdac29d6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/assets/js/jquery.touchSwipe.min.js?ver=3.1.7.4 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 13:36:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4163
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/script.js
200 OK 200 B URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/script.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 586e8d7309ce4835c46ec10b1e701abb
5f15f8a560ff6ec298a58b1d0798b529ffe8e893
78cad112d697ab40e840b2e2dcd5f53681fac2fa26d5fde6b276807c987dc1eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/images/script.js HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 20:10:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 200
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/js/wprmenu.js?ver=3.1.7.4
200 OK 2.8 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/js/wprmenu.js?ver=3.1.7.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 19736509e1e2966d65b2616ace268554
dc794ebce80daf478b7e208ec46b5990d553c857
41da6250dccbe8f52e163c29aa6c95b24042c6e147f9c046c70cbc2965e7cdb2
GET /wp-content/plugins/wp-responsive-menu/assets/js/wprmenu.js?ver=3.1.7.4 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 13:36:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2753
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
200 OK 10 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (24733), with no line terminators
Hash 045b2e4fb439a7260bec75f77134c189
47fa8f88be8a3501305369697b2934a89adb8e2a
4d53dcbb6f07ecbe0f9a8f3ed9ce769665f3551c3c63c3ad64fa24c733c7fda3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 20:01:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10524
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon5.png
200 OK 4.6 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon5.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash ddef47226bc48b11708fa0ecf8291399
8ddcd4671187ac7d6684cbb5123b973e201a9378
ed98ca842cb61bd741061c1e32662481e8e76eb352458276c3fd0fd600ad2486
GET /wp-content/themes/cloudcastle/images/sicon5.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
content-length: 4598
content-type: image/png
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/js/modernizr.custom.js?ver=3.1.7.4
200 OK 3.4 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/js/modernizr.custom.js?ver=3.1.7.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (7197), with no line terminators
Hash 92a6e0b13629c5b0012fdcfd5e588110
f65d4111523715c2e798e501c1a46482c873f650
74a53448a1a2fe6e152dfe6feb7ec92d168942fc1af17599df42bab8185c1471
GET /wp-content/plugins/wp-responsive-menu/assets/js/modernizr.custom.js?ver=3.1.7.4 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 13:36:00 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3443
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/2 cloudcastlemunnar.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
200 OK 707 B URL HTTP/2 cloudcastlemunnar.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1464)
Hash 75340c1451d0b45e2c487b4aeeb6394e
67e9a70a845789c6f6a1e3f2b8061b2eb7c7548a
1622c52fe9cada9d88bae5f3efb043b42a7d0ef43373695f3533941dc7dedd2c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 09 Apr 2022 01:37:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 707
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=23139749
200 OK 4.2 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=23139749
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (13218), with no line terminators
Hash 0dccae9907e7236a39988f5774dfeb02
328fd03e1f38747f8126e05bb2b9cba07fcad844
3f855927a4f52acd2f59751e6c562737937e2b11b5fce91d0607237bbabbd6a8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=23139749 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 18:19:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4237
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon3.png
200 OK 3.9 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon3.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash d92e36ec315bf8573a7a3d195c6410f6
8a0005b7eab6254a9bb74a90dc945b90b33c2eec
309e3c0a906bd12d556fe5e4d1082610724f744564258006741fb5fb7f6a6fc5
GET /wp-content/themes/cloudcastle/images/sicon3.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
content-length: 3894
content-type: image/png
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon2.png
200 OK 3.9 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon2.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash a0a4939cceb3df2767073ebaed4ee131
84e9586100f14ae09c5b49df6d224b2fa1ef3bae
08fe3f5324bdc64d2455076127e881f461f91ebd14dbe228a21098c47a68176f
GET /wp-content/themes/cloudcastle/images/sicon2.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
content-length: 3911
content-type: image/png
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon1.png
200 OK 3.6 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon1.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash 6bb547928cc5ed41422acf96505f817b
ad8abca33d7a896d385438ee894bbaef1df61004
e17ae640bbe844a96e772592529cb78beac3b2a7583dff90d89f08171f5a00c2
GET /wp-content/themes/cloudcastle/images/sicon1.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
content-length: 3600
content-type: image/png
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon4.png
200 OK 3.9 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/sicon4.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash a943815ff81f4c616517aa696d31c0da
1ffecd1670d07d7dadc3fb597fc875ceea0889bb
561ad0dfd9988ff8c3c7421d9836f96f72429edc115a1a6e09e1e60cabee8392
GET /wp-content/themes/cloudcastle/images/sicon4.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
content-length: 3864
content-type: image/png
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/cloud-castle_logo_1.png
200 OK 22 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/cloud-castle_logo_1.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 304 x 198, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b3ea1ea68d7d0168439ac5b38895e68
baa8403c0578ed99695acb0618fb6d3c953f6538
91733fa80de0cf068378c1765e9b7394f02d0b802fc79c931d0884b67e6280c2
GET /wp-content/themes/cloudcastle/images/cloud-castle_logo_1.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
content-length: 22348
content-type: image/png
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0
200 OK 7.5 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (315)
Hash 7a368bf10f9696a17c7395c7af59361a
db1d1399a0c3057ad2901b44d1aecf182bdec55c
21307e8159e0336ca0829dd129689a49c1e964c7df2e4c567dd52a511bc57d20
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 12 Nov 2022 06:36:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7535
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=23139749
200 OK 15 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=23139749
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (41234), with no line terminators
Hash 033540f4fd229427e7aafe82b6532f0b
878cfd7888921725b955065b4ad973c37d159554
396b30c9bfd0abc2e6a4cf04e5e7102c262d408807bf59dde82d1517b667bf3c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=23139749 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 18:19:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15213
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20648, version 1.0\012- data
Hash ad42ff0a48cd03601f98fdb57499f2c8
b19e645023e978269a6cc953c1b4dbf89dbf2b11
a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf
GET /s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20648
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:12 GMT
expires: Sat, 27 Jan 2024 02:06:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 09 Aug 2022 02:18:22 GMT
content-type: font/woff2
age: 171037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17984, version 1.0\012- data
Hash 1ffa00c7dcd120476f50c12e10e6b0b2
b2cb1d89eb252bc3ca6753b65b6e968c95b8b0ed
058fd8e17b26fec2578f985cbc75d51a9a28fdc7060bb20266d5428da6e183a1
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 10:58:56 GMT
expires: Thu, 25 Jan 2024 10:58:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:12:47 GMT
content-type: font/woff2
age: 311873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21012, version 1.0\012- data
Hash a65fe668cb2c812524f51004d579341d
e3ea3da1148587ecd327fe46ec5474c449169e57
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
GET /s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21012
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 02:42:54 GMT
expires: Fri, 26 Jan 2024 02:42:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 09 Aug 2022 02:17:16 GMT
content-type: font/woff2
age: 255235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:59 GMT
expires: Fri, 26 Jan 2024 10:05:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
age: 228650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 152920
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10892, version 1.0\012- data
Hash 9d350f6f6942c8861d13dfad74adfc29
cfe029cfd2d9f6ea109675421474bbb4920bf5bf
4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7
GET /s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 03:43:48 GMT
expires: Sat, 27 Jan 2024 03:43:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
content-type: font/woff2
age: 165181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/jquery.scrollTo.js?ver=2.1.2
404 Not Found 25 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/jquery.scrollTo.js?ver=2.1.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 13e3678382224a46c878e4b3c40d1a9c
e56974897542aca1ed2d683b410283a5d6ceb00c
bd77a8ac9f8c0df17682ed2f6235964d2078ed4ae4f2857b69ae9f223d361bfe
GET /wp-content/themes/cloudcastle/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/arrow_black.svg
200 OK 1.9 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/arrow_black.svg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 28eedfebc74a53fbc9bfc503694ebe46
79bf6ff323c0718bf6022bd198b9ed7915a54789
3c24fac4991762997304f7b2f48615bd189fae8b2fe5ccb2cfe25693fd8918d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/images/arrow_black.svg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/wp-content/themes/cloudcastle/style.css?ver=20190507
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 16:58:51 GMT
accept-ranges: bytes
content-length: 1939
content-type: image/svg+xml
date: Sun, 29 Jan 2023 01:36:49 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/gradient.png
200 OK 2.9 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/gradient.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 4 x 669, 8-bit/color RGBA, non-interlaced\012- data
Hash b974e764bf735155e003767f3c779ed4
e5fbd4ebe6c37be9d3d62f113689ad412b14277a
befdd04005bcf62c90ab7d8a0efce09aa0ea6640a133ad0dde9ac481d535082d
GET /wp-content/themes/cloudcastle/images/gradient.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/wp-content/themes/cloudcastle/style.css?ver=20190507
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 09:41:14 GMT
accept-ranges: bytes
content-length: 2908
content-type: image/png
date: Sun, 29 Jan 2023 01:36:49 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/arrow_white.svg
200 OK 1.9 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/images/arrow_white.svg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash a2a731f2958802e36cfebd182b2a1b2f
56213d7e85b6cd5ff24a166455e34eba002296ea
13a556d02c4666ffe376ca4008cbe2c255d5ac1f8768cca69d06192edd83d675
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/images/arrow_white.svg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/wp-content/themes/cloudcastle/style.css?ver=20190507
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 16:59:14 GMT
accept-ranges: bytes
content-length: 1939
content-type: image/svg+xml
date: Sun, 29 Jan 2023 01:36:49 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/cloudcastle1-1.jpg
200 OK 128 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/cloudcastle1-1.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=643, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=520], progressive, precision 8, 520x643, components 3\012- data
Size 128 kB (127742 bytes)
Hash 1f784bb1d17b3dd1c36edb2348116d6d
04943e36612255aa82f48075c4412cccde37f817
b0e7e5ce270cef70ccf785d88f05c8f330dafaf43e93d568639f4552136ca23d
GET /wp-content/uploads/2022/02/cloudcastle1-1.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:05:05 GMT
accept-ranges: bytes
content-length: 127742
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:49 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/skip-link-focus-fix.js?ver=20161114
404 Not Found 26 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/skip-link-focus-fix.js?ver=20161114
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2562), with CRLF, LF line terminators
Hash 3d24b82fe41ecb772d985041246c9c54
a2b492f2918d5eba9930624218e9d96569edb859
f5204f88e9ae76015cab0d4aa1c943947e5910ac9550a8ce14a4abe50cdc3c21
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/assets/js/skip-link-focus-fix.js?ver=20161114 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Sun, 29 Jan 2023 02:46:03 GMT
Date: Sun, 29 Jan 2023 01:36:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Sun, 29 Jan 2023 02:46:03 GMT
Date: Sun, 29 Jan 2023 01:36:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Sun, 29 Jan 2023 02:46:03 GMT
Date: Sun, 29 Jan 2023 01:36:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Sun, 29 Jan 2023 02:46:03 GMT
Date: Sun, 29 Jan 2023 01:36:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Sun, 29 Jan 2023 02:46:03 GMT
Date: Sun, 29 Jan 2023 01:36:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21dfd3ff-6ef1-481d-b7af-d5f7eb830cde.jpeg
200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21dfd3ff-6ef1-481d-b7af-d5f7eb830cde.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 801d4d643e2fe5f23a2dcaa77c133ab8
b4a01701d16b84047d7c62d5ffa5165865042c57
f4f6a4902c0703b901271a0360c7ebbdb33fe85a68203e10639ae655b2bbe004
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21dfd3ff-6ef1-481d-b7af-d5f7eb830cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3203
x-amzn-requestid: 50873744-cce9-4788-9f05-9e66ba943b2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFEd_HBwoAMF-Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8126-7e5f1963639215cb43992cd5;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ho5pTWplXBixyAs_iFwd0VPitF4IjOYaCNa_XdQ-BFH7kTuDIsca0g==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 22:03:16 GMT
age: 12813
etag: "b4a01701d16b84047d7c62d5ffa5165865042c57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61dd48155b70501a72ec13f79745433d
4efc3d15f04a290a590b54122822d55a9d3fa1ca
9345056c111439b34aff08323fc99a2d315fa91293039dc5acf67affb50636d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4202
x-amzn-requestid: d33bee10-9642-4138-8dde-3486ec7f6535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa9ABFFvIAMFbqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d441ff-3b3a99db469e3f8c068d553c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:28:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RIvTaBE3RpB7sP9Bb1Ku1ItsiaCFKNmyHArESR1FuqDIHXt2uOLG6A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 05:22:38 GMT
age: 72851
etag: "4efc3d15f04a290a590b54122822d55a9d3fa1ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:55:48 GMT
age: 38461
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: f6073f30-9a9c-4674-8ca9-a43e1982ab44
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzV7FHtoAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328c-08806a615c478d443f76119f;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:09:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5AeWdtII3LLgHysTJsa4Kn5-SSmF0rkM0uYXZwtpBC0p60eJ_VSjBw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 15:00:59 GMT
age: 38150
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 17433
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7da187381befeffa83fbaed380f2932e
7f4750e505e965f129c096ef40bc24c392051025
f47a20d681386b3341f23d286fb2f0a2a789bde75bdbc2d14c4747721e13d7a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12124
x-amzn-requestid: 4032a848-72f7-4fbf-a0b2-e9cd7a2d1853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVMBEGtwIAMF_Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1f3a0-6eec6555074c2fba0be0d90e;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 03:29:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixuvPYw-yLJbABGhAMsaZPkbpCy6H-R-QXKxMlIBRQgBYvnERkOs_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 12:06:16 GMT
age: 48633
etag: "7f4750e505e965f129c096ef40bc24c392051025"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.trustindex.io/assets/platform/Google/icon.svg
200 OK 742 B URL HTTP/2 cdn.trustindex.io/assets/platform/Google/icon.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (742), with no line terminators
Hash e71bb3b906941a37ae1c7227c5f25104
f90b8d3fc013de6b8462c5c5038aa80a2d1c048a
c67cd82de676ba29b89c52107c0aae12094c774c2e0bb179f32888a3dbc3da42
GET /assets/platform/Google/icon.svg HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 742
date: Wed, 18 Jan 2023 06:16:53 GMT
server: Apache/2.4.29 (Ubuntu)
last-modified: Tue, 22 Feb 2022 22:43:27 GMT
etag: "2e6-5d8a313da09a9"
accept-ranges: bytes
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: max-age=31536000, public
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9nX4lWfeXTOMkF-YjY1XpwK1ccaItfAMBicGuvd7dCxPc9gtdwLDQw==
age: 933596
X-Firefox-Spdy: h2
cdn.trustindex.io/assets/fonts/opensans/latin2.woff2
200 OK 15 kB URL HTTP/2 cdn.trustindex.io/assets/fonts/opensans/latin2.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Hash 0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
GET /assets/fonts/opensans/latin2.woff2 HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 15056
server: Apache/2.4.29 (Ubuntu)
last-modified: Tue, 22 Feb 2022 22:43:27 GMT
accept-ranges: bytes
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
date: Thu, 26 Jan 2023 21:07:40 GMT
cache-control: max-age=604800, public
etag: "3ad0-5d8a313d8f06c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: izV5k1TZP7gCwnA9zzUbiLdVMIM0mnVftgFEGkVhBPbFp4EWtXwhfQ==
age: 189115
X-Firefox-Spdy: h2
cdn.trustindex.io/assets/fonts/opensans/latin.woff2
200 OK 14 kB URL HTTP/2 cdn.trustindex.io/assets/fonts/opensans/latin.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data
Hash 33543c5cc5d88f5695dd08c87d280dfd
600db9374e47e4f73a59ccc0a99bcc42f4a3e02a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
GET /assets/fonts/opensans/latin.woff2 HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 14380
date: Thu, 26 Jan 2023 14:42:39 GMT
server: Apache/2.4.29 (Ubuntu)
last-modified: Tue, 22 Feb 2022 22:43:27 GMT
etag: "382c-5d8a313d8f06c"
accept-ranges: bytes
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: max-age=604800, public
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RjaF8v_sMyft5J-9P7x2BBCP8cZwYsGSCOMOXUMnj_HyBikYNSahXQ==
age: 212050
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/7/init_embed.js
200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/7/init_embed.js
IP
File type ASCII text, with very long lines (2599)
Hash fd4867728783671f13b38d1f073e7be9
ff5ba304ce5b2838e4b49b6cff833dede37e1098
52a398663110b5dc50e72094c287b049ec5ed33a2b639418e4e1a9c3d313b82c
GET /maps-api-v3/embed/js/51/7/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69373
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 03:51:36 GMT
expires: Sun, 28 Jan 2024 03:51:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 21:48:16 GMT
content-type: text/javascript
age: 78313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/dist/lity.js
404 Not Found 34 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/dist/lity.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2562), with CRLF, LF line terminators
Hash 79c59e43f4b9c5e38ddee1e80804415c
954cca786a76ec55a717ba7cfdc645ac2e7b5b06
61f589402d053aeb276bc3b9e54c686df60b326d43536a74104939fd26c9b041
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/dist/lity.js HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:49 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/skip-link-focus-fix.js?ver=20161114
404 Not Found 25 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/skip-link-focus-fix.js?ver=20161114
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash e79cebd7709b4ff1dd7b5f0e7bf09f7c
4c67bd50f378d22beaa2dad9c0772cf801404f14
bef1456f4f02eb16a30aae4a9c21600d3cf92bb43339f28113b2faaa2936b6b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/assets/js/skip-link-focus-fix.js?ver=20161114 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.1.1210176285.1674956215
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:49 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-NK213R6LHH>m=2oe1p0&_p=1807176068&cid=1210176285.1674956215&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674956214&sct=1&seg=0&dl=https%3A%2F%2Fcloudcastlemunnar.com%2F&dt=Cloudcastle%20Resort%20and%20Spa%20Munnar%20%E2%80%93%20Best%20Resort%20and%20Spa%20in%20Munnar%2C%20Kerala&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NK213R6LHH>m=2oe1p0&_p=1807176068&cid=1210176285.1674956215&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674956214&sct=1&seg=0&dl=https%3A%2F%2Fcloudcastlemunnar.com%2F&dt=Cloudcastle%20Resort%20and%20Spa%20Munnar%20%E2%80%93%20Best%20Resort%20and%20Spa%20in%20Munnar%2C%20Kerala&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NK213R6LHH>m=2oe1p0&_p=1807176068&cid=1210176285.1674956215&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674956214&sct=1&seg=0&dl=https%3A%2F%2Fcloudcastlemunnar.com%2F&dt=Cloudcastle%20Resort%20and%20Spa%20Munnar%20%E2%80%93%20Best%20Resort%20and%20Spa%20in%20Munnar%2C%20Kerala&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cloudcastlemunnar.com
date: Sun, 29 Jan 2023 01:36:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/global.js?ver=20190121
404 Not Found 25 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/global.js?ver=20190121
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2562), with CRLF, LF line terminators
Hash 7ef89b91b47230794b9ebec203068460
a1db58feccb3da80a049997437b713a320f93173
14ec5a1b62cbc50fc7393f8a038480146c2eab794aaaabca984fbf436a08b7c5
GET /wp-content/themes/cloudcastle/assets/js/global.js?ver=20190121 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.1.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 23:46:59 GMT
expires: Sun, 29 Jan 2023 01:46:59 GMT
cache-control: public, max-age=7200
age: 6591
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6299
Cache-Control: max-age=150692
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:50 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 19:28:22 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
s.w.org/images/core/emoji/14.0.0/svg/1f495.svg
200 OK 630 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f495.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (630), with no line terminators
Hash 70b35c3dc2e909287823bd8626150089
230d425dbc2d3a3e291c2dcf73aa42eec0c641c8
3195319076d73360822f6a169fb1f5b88dc8d52b64e60471b804fa51079f252c
GET /images/core/emoji/14.0.0/svg/1f495.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 01:36:50 GMT
content-type: image/svg+xml
content-length: 630
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f49a.svg
200 OK 368 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f49a.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 35221463e22cf68c28b23b6479a43613
6f33c33e490b005e5843dc7b243f775596024df3
1aae46e2790e4c3d5eaf2d588b7d91f667d10e90e090f8d08867dafce808974e
GET /images/core/emoji/14.0.0/svg/1f49a.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 01:36:50 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/jquery.scrollTo.js?ver=2.1.2
404 Not Found 25 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/jquery.scrollTo.js?ver=2.1.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 2528870f2257d415b358eef9f38222ea
218b2b0cba76bf7a7349d5951988ee168f1b5594
a1804e8ec10f6acb411557f43067c622aaca69a34472e9f0ec43c918163386d6
GET /wp-content/themes/cloudcastle/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.1.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:50 GMT
server: Apache
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 4QlxzENe+LMgS/RIY6p0W4c7E3IocjwYF3tUe+C0+LtKFCZM8H6RU/N3m2/0VUNe/1/lXcA96rRwaWnZLjnuLg==
content-length: 27815
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 01:36:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6299
Cache-Control: max-age=150692
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:50 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 19:28:22 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cloudcastlemunnar.com/wp-content/uploads/fbrfg/apple-touch-icon.png
200 OK 9.1 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/fbrfg/apple-touch-icon.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 431babfed491d5d00374e707c2eeecc3
c0dfde739c40968efa50f30853b4830488ccc687
32494a78ef2b9c6e1ee10ddcc19e3aaea43335949ea799c4fb011f17f3ac625f
GET /wp-content/uploads/fbrfg/apple-touch-icon.png HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.1.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Mar 2022 17:05:25 GMT
accept-ranges: bytes
content-length: 9143
content-type: image/png
date: Sun, 29 Jan 2023 01:36:50 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/dist/lity.js
404 Not Found 26 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/dist/lity.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash c156dd23d27676f9349d29d0798cc901
fdeb7501a9d13643740dea383081d29947695eab
95ef28be872431d4d6d264fcafceee531c7ce7710e68e0634bfd36dbd34d8eae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/cloudcastle/dist/lity.js HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/fonts/wprmenu.ttf?p8o4s0
200 OK 1.2 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/fonts/wprmenu.ttf?p8o4s0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, wprmenu \012- data
Hash 61a8e682ec524d2cd27d1dc63738cf12
5bce31c3638105b9f7ef3d9d655e339eef29b402
7f536e0e14cc149ccee6854aa95ff54cb8e9f342d00d056f3882234b198d7125
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-responsive-menu/assets/fonts/wprmenu.ttf?p8o4s0 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/wp-content/plugins/wp-responsive-menu/assets/css/wprmenu.css?ver=3.1.7.4
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.1.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 13:36:00 GMT
accept-ranges: bytes
content-length: 1152
content-type: font/ttf
date: Sun, 29 Jan 2023 01:36:50 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/750254559/?random=1674956214664&cv=11&fst=1674956214664&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=J4dRCK2-m54BEN_z3-UC&hn=www.google.com&frm=0&url=https%3A%2F%2Fcloudcastlemunnar.com%2F&tiba=Cloudcastle%20Resort%20and%20Spa%20Munnar%20%E2%80%93%20Best%20Resort%20and%20Spa%20in%20Munnar%2C%20Kerala>m_ee=1&auid=300508765.1674956215&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/750254559/?random=1674956214664&cv=11&fst=1674956214664&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=J4dRCK2-m54BEN_z3-UC&hn=www.google.com&frm=0&url=https%3A%2F%2Fcloudcastlemunnar.com%2F&tiba=Cloudcastle%20Resort%20and%20Spa%20Munnar%20%E2%80%93%20Best%20Resort%20and%20Spa%20in%20Munnar%2C%20Kerala>m_ee=1&auid=300508765.1674956215&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/750254559/?random=1674956214664&cv=11&fst=1674956214664&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=J4dRCK2-m54BEN_z3-UC&hn=www.google.com&frm=0&url=https%3A%2F%2Fcloudcastlemunnar.com%2F&tiba=Cloudcastle%20Resort%20and%20Spa%20Munnar%20%E2%80%93%20Best%20Resort%20and%20Spa%20in%20Munnar%2C%20Kerala>m_ee=1&auid=300508765.1674956215&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudcastlemunnar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 01:36:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 01:36:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-140072568-1&cid=1210176285.1674956215&jid=1874260999&gjid=1814593649&_gid=1836547881.1674956216&_u=YADAAUAAAAAAACAAI~&z=1619242238
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-140072568-1&cid=1210176285.1674956215&jid=1874260999&gjid=1814593649&_gid=1836547881.1674956216&_u=YADAAUAAAAAAACAAI~&z=1619242238
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-140072568-1&cid=1210176285.1674956215&jid=1874260999&gjid=1814593649&_gid=1836547881.1674956216&_u=YADAAUAAAAAAACAAI~&z=1619242238 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cloudcastlemunnar.com
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cloudcastlemunnar.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 01:36:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/cloudcastle_munnar5.jpg
200 OK 503 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/cloudcastle_munnar5.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=960, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1440], progressive, precision 8, 1600x960, components 3\012- data
Size 503 kB (502767 bytes)
Hash d3a0b3c568c60fe2e38ac4f0e21b0410
75a653a8e289169a13a2f27fce50970cafe960b0
b36ce83a912d3f29f1191ba5b08a02f87de42495dfdad215ef7de15f588996d8
GET /wp-content/uploads/2022/02/cloudcastle_munnar5.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:04:47 GMT
accept-ranges: bytes
content-length: 502767
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:50 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/clubroom1a.jpg
200 OK 101 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/clubroom1a.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=853, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 850x493, components 3\012- data
Size 101 kB (101359 bytes)
Hash 3ade42fec169ceb2c3af00556f6bf7c8
5fe75c2a1968761c8e63c7a91bf5890dd278b880
c403d39b9cc7ba344d8728692a282f9fef2d6a3d0eeea8ecc26a5da65824f11d
GET /wp-content/uploads/2022/02/clubroom1a.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:03:39 GMT
accept-ranges: bytes
content-length: 101359
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:50 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/honeymoon1a.jpg
200 OK 122 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/honeymoon1a.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=853, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 850x493, components 3\012- data
Size 122 kB (121956 bytes)
Hash 3b90480ef6bfdd6d49e9fb4a39c7ba3e
f4fc03d380df0f59deee9b36a71f36e540838fda
eec8795d89c2347f38bd35681c9fdd16d7374475c9872bf764f871fec1a90ff8
GET /wp-content/uploads/2022/02/honeymoon1a.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:03:44 GMT
accept-ranges: bytes
content-length: 121956
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:50 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/clubsuite1a-1.jpg
200 OK 105 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/clubsuite1a-1.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=853, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 850x493, components 3\012- data
Size 105 kB (105206 bytes)
Hash 6b4b8e373899d29cdf62a0a722de4c82
ff49a87e033163df06d229ee1e6266a59b3141b6
4f025f729442ed5adc8680f63ff34ff411b8e1ec6539dbf8f9fce7543a7e855f
GET /wp-content/uploads/2022/02/clubsuite1a-1.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:07:23 GMT
accept-ranges: bytes
content-length: 105206
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/03/clubsuite1b.jpg
200 OK 107 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/03/clubsuite1b.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=853, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 850x493, components 3\012- data
Size 107 kB (106740 bytes)
Hash c48f80650bb7c40cd444675c5e7f3338
6ef026deb9eab557d4d9fcf7d99080b21c0f4916
c625ea5aa375f7e34ca0e721d4d19ff4d70a2ae91e166349b9a09b3f2253fc5e
GET /wp-content/uploads/2022/03/clubsuite1b.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:13:00 GMT
accept-ranges: bytes
content-length: 106740
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant1-3.jpg
200 OK 96 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant1-3.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2022:02:26 15:16:58], progressive, precision 8, 849x493, components 3\012- data
Hash 3fb34d4506315db4c4297d0389b0b63f
a2c506f59cefa94d97fe7ef2b454962983f53934
221b2901bfec7d549c555fc3061898207c79392a3623c0f94ed17e54df326292
GET /wp-content/uploads/2022/02/restaurant1-3.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:07:52 GMT
accept-ranges: bytes
content-length: 96047
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant8.jpg
200 OK 103 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant8.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=493, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=849], progressive, precision 8, 849x493, components 3\012- data
Size 103 kB (103306 bytes)
Hash b8b9d03fed6b1e0b59701c662a77d88c
2384c10def3451bb7f8f18c79f776c4dfc602771
011a7c236aa68b0603dae6820e9e9538340f1e31dec9b5ea32ceae312008807f
GET /wp-content/uploads/2022/02/restaurant8.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:08:10 GMT
accept-ranges: bytes
content-length: 103306
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant2-3.jpg
200 OK 78 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant2-3.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2022:02:26 15:17:43], progressive, precision 8, 849x493, components 3\012- data
Hash 0a12a8effc3ad1b24e193a9455d6a232
4851bdd9e9a740d9089eba6c9c48ea25457a02e0
466f289146ea1bc0f94bac61113b536d7e9964036782e8ea94b1b18174f441ce
GET /wp-content/uploads/2022/02/restaurant2-3.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:07:56 GMT
accept-ranges: bytes
content-length: 78213
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant6-1.jpg
200 OK 92 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant6-1.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=493, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=849], progressive, precision 8, 849x493, components 3\012- data
Hash 4a759e56aa6df2b5cc50897a7bed900a
1c26ee3d59d89f551643f07d87a895aa0283ac6b
8a5caecb94b768890c43f25fa2bf8e8e3a65a02e61834121ca56005b6c0e978b
GET /wp-content/uploads/2022/02/restaurant6-1.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:08:00 GMT
accept-ranges: bytes
content-length: 92076
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant7.jpg
200 OK 115 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant7.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=493, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=849], progressive, precision 8, 849x493, components 3\012- data
Size 115 kB (115432 bytes)
Hash 68072401b6638159cbe004dd42ec25f5
a6b7517635a42e68141ae53dd6903121b23d327f
dcea4723cbcad1c16ca9eb09512298300f8f52c10fd91f9a267af58751f48c7d
GET /wp-content/uploads/2022/02/restaurant7.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:08:05 GMT
accept-ranges: bytes
content-length: 115432
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant9.jpg
200 OK 124 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant9.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=493, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=849], progressive, precision 8, 849x493, components 3\012- data
Size 124 kB (124474 bytes)
Hash 14be5dbcd706b614204c0092bf1e6b5c
8a8639d4d6a4cddf0171872cc6466047bd70f3d1
78e473346755fbc5ab7680aa236a97f0fb3849a5d1e7255909ce43f0f95aa518
GET /wp-content/uploads/2022/02/restaurant9.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 17:08:14 GMT
accept-ranges: bytes
content-length: 124474
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant10-1-1.jpg
200 OK 101 kB URL HTTP/2 cloudcastlemunnar.com/wp-content/uploads/2022/02/restaurant10-1-1.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=493, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=849], progressive, precision 8, 849x493, components 3\012- data
Size 101 kB (100914 bytes)
Hash 45ebcb45d3533418f17166b58d7930e2
3c5f7b246d55cb28b53d2d3c614568cfe5d223b3
7862fd56d36177c2074f231aad685c118b69e3e98d5f5ae12b3faf74ce8c7937
GET /wp-content/uploads/2022/02/restaurant10-1-1.jpg HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Cookie: _ga_NK213R6LHH=GS1.1.1674956214.1.0.1674956214.0.0.0; _ga=GA1.2.1210176285.1674956215; _gcl_au=1.1.300508765.1674956215; _ga_MDFBTZHWSL=GS1.1.1674956214.1.0.1674956214.0.0.0; _gid=GA1.2.1836547881.1674956216; _gat_gtag_UA_140072568_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 17:17:44 GMT
accept-ranges: bytes
content-length: 100914
content-type: image/jpeg
date: Sun, 29 Jan 2023 01:36:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1896457997300599&ev=PageView&dl=https%3A%2F%2Fcloudcastlemunnar.com%2F&rl=&if=false&ts=1674956216176&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674956216175.684723362&it=1674956215862&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1896457997300599&ev=PageView&dl=https%3A%2F%2Fcloudcastlemunnar.com%2F&rl=&if=false&ts=1674956216176&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674956216175.684723362&it=1674956215862&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1896457997300599&ev=PageView&dl=https%3A%2F%2Fcloudcastlemunnar.com%2F&rl=&if=false&ts=1674956216176&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674956216175.684723362&it=1674956215862&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Jan 2023 01:36:51 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 280978
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type gzip compressed data, max compression\012- data
Hash 22e27fab98a5e664c0495b6bb4fabc91
d1b94d9e9c6eb4b3909693657259552ba6ae4291
61b065cd0a958708917ca97f7ae4ef3ff65e4a8466f96d99eaf5e2f047a40a9b
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 323093
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 04:01:14 GMT
age: 77742
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Playball&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Playball&display=swap
IP
GET /css2?family=Playball&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 01:36:48 GMT
date: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Playfair+Display:wght@400;600&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Playfair+Display:wght@400;600&display=swap
IP
GET /css2?family=Playfair+Display:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 01:36:48 GMT
date: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f970.svg
200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f970.svg
IP
GET /images/core/emoji/14.0.0/svg/1f970.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 01:36:50 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/global.js?ver=20190121
404 Not Found 0 B URL HTTP/2 cloudcastlemunnar.com/wp-content/themes/cloudcastle/assets/js/global.js?ver=20190121
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-content/themes/cloudcastle/assets/js/global.js?ver=20190121 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://cloudcastlemunnar.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.trustindex.io/assets/platform/Google/star/f.svg
200 OK 0 B URL HTTP/2 cdn.trustindex.io/assets/platform/Google/star/f.svg
IP
GET /assets/platform/Google/star/f.svg HTTP/1.1
Host: cdn.trustindex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 19 Jan 2023 02:23:44 GMT
server: Apache/2.4.29 (Ubuntu)
last-modified: Tue, 22 Feb 2022 22:43:27 GMT
etag: W/"6be-5d8a313da09a9"
referrer-policy: origin
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: GET
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: max-age=31536000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0NTGhN3xcTAv575a-KGvu8d53SLsSJ3xMptV5kl8zlTjfotr0bx0WA==
age: 861185
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=PT+Serif&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=PT+Serif&display=swap
IP
GET /css2?family=PT+Serif&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 01:36:48 GMT
date: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Cormorant+Garamond:wght@300;400;500;600&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Cormorant+Garamond:wght@300;400;500;600&display=swap
IP
GET /css2?family=Cormorant+Garamond:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 01:36:48 GMT
date: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Josefin+Sans&family=Roboto+Condensed&family=Roboto+Slab&family=Roboto:wght@300;400&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Josefin+Sans&family=Roboto+Condensed&family=Roboto+Slab&family=Roboto:wght@300;400&display=swap
IP
GET /css2?family=Josefin+Sans&family=Roboto+Condensed&family=Roboto+Slab&family=Roboto:wght@300;400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 01:36:48 GMT
date: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?display=swap&family=Playfair+Display%3A300%2C400%7CMontserrat%3A300%2C400
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?display=swap&family=Playfair+Display%3A300%2C400%7CMontserrat%3A300%2C400
IP
GET /css?display=swap&family=Playfair+Display%3A300%2C400%7CMontserrat%3A300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 01:36:48 GMT
date: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-includes/css/dashicons.min.css?ver=6.1.1
200 OK 0 B URL HTTP/2 cloudcastlemunnar.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Mar 2021 02:46:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=23139749
200 OK 0 B URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=23139749
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=23139749 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 18:19:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 0 B URL HTTP/2 cloudcastlemunnar.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 19:46:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback
IP
GET /css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 01:36:48 GMT
date: Sun, 29 Jan 2023 01:36:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudcastlemunnar.com/wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.17
200 OK 0 B URL HTTP/2 cloudcastlemunnar.com/wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.17
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-content/plugins/foobox-image-lightbox/free/js/foobox.free.min.js?ver=2.7.17 HTTP/1.1
Host: cloudcastlemunnar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudcastlemunnar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 20:02:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 01:36:48 GMT
server: Apache
X-Firefox-Spdy: h2
162.222.227.139
23.36.76.226
104.18.32.68
157.240.200.14
93.184.220.29