firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 07:11:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OgjFB2xMJA0ZJ2FDoR_iOc0pOJdfBFh1irD9EO2ynfZAFg00rwnFPw==
Age: 3001
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11122
Expires: Sat, 17 Sep 2022 11:06:39 GMT
Date: Sat, 17 Sep 2022 08:01:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BD1dH0Lm5izDkozuPVuqdXW6acokvdE5BTHZBOT0J2jbaOU9DxEXEQ==
age: 16235
X-Firefox-Spdy: h2
kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
103.195.185.18 301 Moved Permanently 0 B URL HTTP/1.1 kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
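Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of zero-length content: the 0 B redirect had no body, so these digests match any empty response and are not indicators for this host.)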
GET /Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso HTTP/1.1
Host: kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 17 Sep 2022 08:01:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 07:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 07:05:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nQukbPVTpBFpSHlgssc3bG4iR7nPaRajB8n1FU8c3sm0MRcIfK6iWw==
Age: 3475
www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
103.195.185.18 404 Not Found 12 kB URL HTTP/1.1 www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash a3392c8dca7eb2ec3ae67eeb038d0708
adbf8b7447612b2eac4e4f460201d0773af84d3f
9cea9e9c77b0df2b32e48eee35b96122539cd6d98e3371d8faa3a612576561a2
GET /Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Sat, 17 Sep 2022 08:01:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.kraftstones.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11913
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5019
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:17 GMT
Last-Modified: Sat, 17 Sep 2022 06:37:38 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.217.237.91 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
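Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of zero-length content: the 0 B WebSocket upgrade response had no body, so these digests match any empty response and are not indicators for this request.)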
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: l89FkaFAiJobUsV7BQZwHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5DmEQw4G3WvmJWeQRz4Cbo6QFTo=
www.kraftstones.com/wp-content/plugins/salient-social/css/style.css?ver=1.1
103.195.185.18 200 OK 4.4 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-social/css/style.css?ver=1.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash b7f910d44bb24d0c4cda25cd16f9eb13
f9f121a8b94122bfd1b59ce7b6a3e8ba09f6e1c0
5515ddb57372e5d6f323e21ec4df5b439ce159b5678ed2cda770c2d274d994d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/salient-social/css/style.css?ver=1.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 28 Feb 2020 07:31:56 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4355
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.kraftstones.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
103.195.185.18 200 OK 17 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:17 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 17:40:38 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16594
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/grid-system.css?ver=11.0.4
103.195.185.18 200 OK 8.2 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/grid-system.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash c2d165121453df3dd9f1d3997dc43b73
6009f434ca31badc95ee40da6722951e36a4bc81
4537dccbd83cb2bc99371864c8bc0002c7c04571b83ac0891203d23a9853a480
GET /wp-content/themes/salient/css/grid-system.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 01 Oct 2019 00:05:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8194
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
103.195.185.18 200 OK 11 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30343)
Hash 143b25cdc650c42cf56f6253260d71db
be5327e6a083633cf2b7b45030ecfee11a23ef78
a06cf8600dec00aa5d65154ce7e6e58a0b3cc38d4cf1ad7e410f4ee261063df7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 24 Apr 2019 04:00:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11414
Keep-Alive: timeout=5, max=75
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-174892953-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-174892953-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash a2a95a1509f1f6e80d1f5c0badb5e9e5
30e96aa23cb26504177997e0a934a407ca8a2f70
df7f295b1ed80ec561e1be7422fa6fdd5c114b621c3542ac938e91635c58407e
GET /gtag/js?id=UA-174892953-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Sep 2022 08:01:18 GMT
expires: Sat, 17 Sep 2022 08:01:18 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kraftstones.com/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
103.195.185.18 200 OK 5.6 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 53dc051c7aeb5b35c1d85e8d027d673b
c03efbd4ce43ad9f889886525faa69b29e19a5d8
a3923db5815c7c93c04cfd71e0de9b130be60bdfc93ea7d5678b94f4fd73725c
GET /wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Thu, 13 Jun 2019 06:02:38 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5623
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/css/qlwapp.min.css?ver=4.6.1
103.195.185.18 200 OK 13 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/css/qlwapp.min.css?ver=4.6.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (29704)
Hash e19411063d7ce0d5150256133188e56e
8911c26093876979835bbbeae163e6a1e486c7bc
59dac2bbdc9630aa10e72060f35c7ae8f460bc5b5a82dbbd8fabe5b17824825a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp-chat/assets/frontend/css/qlwapp.min.css?ver=4.6.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2020 12:09:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12614
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/responsive.css?ver=11.0.4
103.195.185.18 200 OK 26 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/responsive.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash c849f582d59f57c489707eca9bbc763b
208ee48ac318ca1189a0d854ab52e3c6abcdd1d2
58d8d4b3c93450cedfb50396d6e1ce7d8680c71b96e5386dc9d362cd53a5e4a2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/responsive.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Fri, 26 Jun 2020 09:58:58 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/skin-material.css?ver=11.0.4
103.195.185.18 200 OK 23 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/skin-material.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 3f45021ebd293cc35e7642ca1811a99d
c4d3d1bbedd5171cf260d491d16714429410311d
1e246483f531e8029e41df6999a80178a0f256b0bc2f2c97766ed714436944f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/skin-material.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Fri, 26 Jun 2020 11:03:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.kraftstones.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.1.14
103.195.185.18 200 OK 1.1 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.1.14
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 73de84e2a79655eff5662c5dd64815ab
d24f5bfcc988f263d22403c0d81816ad1cb4861a
e819c62bd813c1bc68bd85cf795835fe84b2ead23c5f3959d55e97ff78f6f5cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.1.14 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Mon, 09 May 2022 19:26:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1110
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=94183
103.195.185.18 200 OK 25 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=94183
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text, with CRLF line terminators
Hash 972d05db1431899bfef510e6f30f6d8e
8044ed9fef02e1bea59f689104b634edd41fda85
0a8480d5b8b23459c1c27c8a658e53d866124c0dfdfdc3f99c9b6ca6424c208e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/salient-dynamic-styles.css?ver=94183 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Fri, 03 Jul 2020 12:03:58 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
www.kraftstones.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
103.195.185.18 200 OK 4.6 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
103.195.185.18 200 OK 2.7 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 17:34:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2675
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
103.195.185.18 409 Conflict 83 B URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 409 Conflict
Date: Sat, 17 Sep 2022 08:01:17 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.kraftstones.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
103.195.185.18 200 OK 8.3 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash e49f0561a452c9d04fb7d1510a23cc8c
9e8fc2e3129da4fe2790eee565a6478b864bea83
ab4f9f418b022ab34d617ee2f95d70afff005ed4d4d92e313ce84a56b40bce75
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 17:34:30 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8254
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
103.195.185.18 409 Conflict 83 B URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 409 Conflict
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.kraftstones.com/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
103.195.185.18 200 OK 3.7 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1788), with CRLF line terminators
Hash 865096d8a0c105f390afbd43be62c14c
533b4158ae4e3ac4402b9ab663c6dfb1b86dc5dc
10c5f08fce32f976ac59f0b42c5fa2e01346188e8c1a2d8506ac5dd0f09377bb
GET /wp-content/plugins/salient-social/js/salient-social.js?ver=1.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Fri, 28 Feb 2020 07:31:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3677
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
103.195.185.18 200 OK 2.9 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2829), with CRLF line terminators
Hash 022d5920a07d8b42d42eff881a4a6d7e
d11ab6e0d49e9850f60613e5bbe5901e5534c9eb
2f431f96be55646854462d514880437bfb6845e06e625309f2e04833514a1b97
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 15:47:52 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2877
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
103.195.185.18 200 OK 39 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65447)
Hash feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 20:37:24 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
103.195.185.18 200 OK 3.8 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7281), with CRLF line terminators
Hash 807c2da1c75eba3201cbe7c707b59938
33245a3b33fec7ec5f41a895bfc1a14845e47617
b4d70bc18245c4edf040747da8e13eb63d949576e53de8c27612a38dada01365
GET /wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 00:48:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3824
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
103.195.185.18 200 OK 2.9 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (1785), with CRLF line terminators
Hash 7165d1f37e28bdc45dac007af8ec735c
4bd9ad96167b255e629a265457e8c6a035826a6c
014aedc9e2de405f64f561d9a17332eacee4ea91fb139d9a75d0056db5b79720
GET /wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 20 Jun 2019 05:34:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2914
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
103.195.185.18 200 OK 4.1 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8863), with CRLF line terminators
Hash 2f5ebf8a4178493b43055f7351348fea
63ad152a9163762a38b437ca68057bb9d4f10043
c3b57b2535198f3105b482a51061c83ac99b9bfead7bb922fd843bee570a8175
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Mon, 25 Feb 2019 12:09:32 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4072
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2
103.195.185.18 200 OK 8.1 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (17267), with CRLF line terminators
Hash 219f0b5e57adf2e04dbffb23d9a1482a
62ca359b90bc1901d2d58b48a3a0026a053f7da4
4e8a941ae00d3d3011b527e3a17593d5dfb1b25b9e8686aea3609d8223f1ec97
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Wed, 25 Apr 2018 06:47:52 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8144
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/priority.js?ver=11.0.4
103.195.185.18 200 OK 3.2 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/priority.js?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1788), with CRLF line terminators
Hash e05b819a6ec51e1f8a9881f8a9fec510
6e6c670ac3c98569e90952c23e863be5d3d887df
3657354c8d7b96021b8c62df2e1f1340a821add0d2fb0e64faf71445a6b7e4f3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/priority.js?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 28 May 2019 00:49:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3214
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
103.195.185.18 200 OK 3.0 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7262), with CRLF line terminators
Hash b4a1495aca0518739ca6de5ea67bb229
c2a90290d1232236f47e0d74b14adf02e236c119
c544b7ff13a294a9d46494053ffdaf9cda4524a5e0e3083a3e870b5b3a6f89da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Fri, 28 Feb 2020 07:31:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3018
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
103.195.185.18 200 OK 1.9 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1933), with CRLF line terminators
Hash 0c3344c3176de33ee28f8266073c586b
0f71fea1a22b74eb0531bebfe2820a38fb9c1d2f
f498cd265edb14950afbf4f1c697ead5bdd06b7513e8d7ed546b761d9427cfe0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Last-Modified: Wed, 13 Mar 2019 02:33:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1912
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/themes/salient/css/style.css?ver=11.0.4
103.195.185.18 200 OK 127 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/style.css?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Size 127 kB (127360 bytes)
Hash ed1dc02a08e6253df887c2141764c404
d6764ac7383a20dc7ccc7be8fd492efc30de2012
fffa40251fc43a0807c45c26f838da7951cacb3738a0d3c70a0186b840b53be2
GET /wp-content/themes/salient/css/style.css?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 26 Jun 2020 09:53:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
www.kraftstones.com/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
103.195.185.18 200 OK 4.4 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1785)
Hash 631bcf0a4e40db1d78b71511b276a712
1b710e731ec223c47575473e073c2353cd9eb8fe
77bb6e5c8cc3f996655717040b54f2709d7890681f3f0a0e86a9c4d9fc19d9e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Thu, 29 Aug 2019 01:13:58 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4416
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
103.195.185.18 200 OK 4.5 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11142), with CRLF line terminators
Hash d66285e39e36642078175573691a3a81
1c486f02f537dc60c75c8efd33e85f4da627cc2b
dec33c9e623f9b9726d13088bb1896545130d66d3f4e796a0cbc071e00b67c8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Fri, 28 Feb 2020 07:30:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4547
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: application/javascript
www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/js/qlwapp.min.js?ver=4.6.1
103.195.185.18 200 OK 2.8 kB URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/wp-whatsapp-chat/assets/frontend/js/qlwapp.min.js?ver=4.6.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6904), with no line terminators
Hash b0b539e6aab4c20224e6db5b581a2aa7
4435276f7d7614a01273d132d02c7f7ac89da7ad
43d69d1d01f004a4a985d32404cc08bffae41061a1ab640562eafe6ed7fd8366
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-whatsapp-chat/assets/frontend/js/qlwapp.min.js?ver=4.6.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Mon, 16 Mar 2020 12:09:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2827
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16289
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:01:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16289
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:01:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16289
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:01:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16289
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:01:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16289
Expires: Sat, 17 Sep 2022 12:32:48 GMT
Date: Sat, 17 Sep 2022 08:01:19 GMT
Connection: keep-alive
www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
103.195.185.18 200 OK 30 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (31972)
Hash 793997ff526b6310ddec521325fc1505
829153df5fc5ae1a93f1e430d3d7603dced8c21b
27d6b29d36c77a4c8afda7f5f18a82c13724ac15c995c0bbb406a01e6d8cb475
GET /wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Fri, 23 Aug 2019 01:33:40 GMT
Accept-Ranges: none
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2223b64d-7436-4cd8-9633-fc79069394d6.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2223b64d-7436-4cd8-9633-fc79069394d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2efd7ea9edbfe7d4d2cf6685dc60f571
dfb08910372586148c4e1fbea598818bf65cdbdb
a731494ee4cfd1d6d8642dc837f6731d55b84033f0f88a3e45fd82b07d137b28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2223b64d-7436-4cd8-9633-fc79069394d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9486
x-amzn-requestid: eb3622e4-3ac9-4148-8da1-0eb73e24e798
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRYP8HkYIAMF4mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d3a65-418ddfed5fe892af4998abc0;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 01:31:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ny_MBsNOIVhY71rCysMfnx9aAqiywjM1Y0sObUSjYITxCSDxbmnVZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:55:31 GMT
age: 36348
etag: "dfb08910372586148c4e1fbea598818bf65cdbdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kraftstones.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
103.195.185.18 200 OK 5.3 kB URL HTTP/1.1 www.kraftstones.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 11:26:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37eff517-f8c4-4e04-9fb6-e9a22aa4d8bf.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37eff517-f8c4-4e04-9fb6-e9a22aa4d8bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0c4155f7b9f8a4a31780ea86e50e398
50ae5dbe015dc8b9ad022cb5b11cb2c4c8086368
598683a93574a8418e19decdbfc5bcae2f028c6e1791c192f98425bd8e339ad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37eff517-f8c4-4e04-9fb6-e9a22aa4d8bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: c570654d-569c-4faf-9690-5ffab5eaceed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YR5sREScIAMF5RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d6fe7-3ed179845a3e9ede478e6dfa;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 05:19:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kkko85Peg1nRJNE9WmrID7GfTrqjOuXZHDAcPRS6ZXIdEQF4YOMBVw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:39:39 GMT
age: 37300
etag: "50ae5dbe015dc8b9ad022cb5b11cb2c4c8086368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35fd8af4-6883-4fbd-bf72-19167284c2ad.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35fd8af4-6883-4fbd-bf72-19167284c2ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2815dd402ec758d2088a6f360d29847b
5b7e4c16a2083e189a40790dca647280a3a3665b
5dd6aa9a36e6a18a66dfd7e444cbcfce8088b0eab648d784d2e554958d64edea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35fd8af4-6883-4fbd-bf72-19167284c2ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7644
x-amzn-requestid: 9e035566-625b-4b9f-ad72-3266f8cde01b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfIiDGINoAMFTKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322bad9-28ac917b20ca2ef64fbff2d4;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 05:40:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VPyKY-vxd6iYGRtTefTd2Cnugg7Rpe_fLZ0pENo4XGYS0DT-tkezDQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:54:37 GMT
age: 36402
etag: "5b7e4c16a2083e189a40790dca647280a3a3665b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c807387d303abb2bca1ef14b14c9e26
428fe80d3f35758433a6b2cf25e6bcb5f63a6a63
277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5234
x-amzn-requestid: 55e23e9a-f85c-42f2-87b6-aff3646bf1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yknn_EFzoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec99-62f023426230c7b46116d4b7;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:29 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fb2wN0gTI9OKgDghf1u4DKwrADkYcS5_7LIxaLxmbo0OciwezGh_LA==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:41:22 GMT
etag: "428fe80d3f35758433a6b2cf25e6bcb5f63a6a63"
content-type: image/jpeg
age: 37197
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965c1f46-ea3e-498e-b9dd-07a252ce51c2.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965c1f46-ea3e-498e-b9dd-07a252ce51c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6656c96d31803728c2fcd707289bcd27
5139023bb709d865d26a9b2fac4b02260966c347
41c958a36909953f47208de41fb76081ce2c5bb80afec7c15b7c544b464880b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965c1f46-ea3e-498e-b9dd-07a252ce51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6991
x-amzn-requestid: 799f17de-b856-4be7-abbf-0d444f605a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXe-WE9toAMF41A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fab8e-6f2639d75967c1d2213d2d8b;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:58:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EvWc_HiIQ23ll8soCl8tWfARIqe_B5HKpchZaGKSoZy576KLyjcfCw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:56:33 GMT
age: 36286
etag: "5139023bb709d865d26a9b2fac4b02260966c347"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:11 GMT
age: 34208
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b4a24f9aebdfdb06d10cd53e92a70bb8
c4532479dbd9636d8f5206faa085c520651eb5f2
1d330af2b423e351355f710f14cb771fa9918e8b6638c5076aba7bcda6c30936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext
IP 142.250.74.10:0
Hash 62adb273c98f1e93ecdb8bdd56f46973
9263434bf7f08660ca9e04ae6cb9866cfcc2286b
8f9ecc788b42655bd8012ea68e9a1e0c717eace332ed6957913820e260aa1ef2
GET /css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 08:01:18 GMT
date: Sat, 17 Sep 2022 08:01:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.kraftstones.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 343818
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
103.195.185.18409 Conflict 83 B URL HTTP/1.1 www.kraftstones.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 409 Conflict
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c6cb8e41bfa21ef4b5c1ace2e5363bc
9803475310757bbb21f9ad39c6eb73c27407b72f
6040a3fc771a48a90ea8688f09019459a330342aa44f01e42ed30fcdfe7b726b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6040A3FC771A48A90EA8688F09019459A330342AA44F01E42ED30FCDFE7B726B"
Last-Modified: Fri, 16 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1302
Expires: Sat, 17 Sep 2022 08:23:01 GMT
Date: Sat, 17 Sep 2022 08:01:19 GMT
Connection: keep-alive
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d7139.293516143583!2d74.865988!3d26.531483!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x7ec0fb8b901d745f!2sKraft%20Stones!5e0!3m2!1sen!2sin!4v1584183680535!5m2!1sen!2sin
142.250.74.164200 OK 1.3 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d7139.293516143583!2d74.865988!3d26.531483!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x7ec0fb8b901d745f!2sKraft%20Stones!5e0!3m2!1sen!2sin!4v1584183680535!5m2!1sen!2sin
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2436)
Hash 57aec48c7893e1416a6d850055034643
1b7380aacade935db4f133a4556908cd6a28d72e
d2f6a19216ed6a7838dfd156b954302e822c1cad4fce62738f7b9d210435dba4
GET /maps/embed?pb=!1m14!1m8!1m3!1d7139.293516143583!2d74.865988!3d26.531483!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x7ec0fb8b901d745f!2sKraft%20Stones!5e0!3m2!1sen!2sin!4v1584183680535!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 17 Sep 2022 08:01:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-PusFupYXoeJdZT3B9vqZBw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1251
x-xss-protection: 0
server-timing: gfet4t7; dur=136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9730b7d7d5f0481f65712991a899f4b8
facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7
15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 08:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.kraftstones.com/wp-content/themes/salient/css/fonts/icomoon.woff
103.195.185.18200 OK 21 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/fonts/icomoon.woff
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 20916, version 0.0\012- data
Hash 503f4c3606b29a5069449a7fe94693cc
95159c43989b040739102f0d63f4d8dcd88ad067
4bdcd4f2bcb9d40a6f557e5d84ed60c74502ce09bd349f3bdfe67d5aee917018
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/salient/css/fonts/icomoon.woff HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.kraftstones.com/wp-content/themes/salient/css/style.css?ver=11.0.4
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Sat, 18 May 2019 05:35:36 GMT
Accept-Ranges: bytes
Content-Length: 20916
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: font/woff
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad
216.58.207.234200 OK 57 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad
IP 216.58.207.234:0
File type ASCII text, with very long lines (2578)
Hash 501239aad74991d3994fc936898743c7
3ef3be562b275d649fcdd698ba0945539046767e
7f7d5fff6099ce8837973d481f3fafeff0d6e67a25c1c908261be59343f875e2
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=in&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56937
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=14
date: Sat, 17 Sep 2022 07:49:23 GMT
expires: Sat, 17 Sep 2022 08:19:23 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
collect.greengoplatform.com/flag.js?v=7.1.3
91.211.91.112200 OK 573 B URL HTTP/1.1 collect.greengoplatform.com/flag.js?v=7.1.3
IP 91.211.91.112:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (2348), with no line terminators
Hash 2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef
GET /flag.js?v=7.1.3 HTTP/1.1
Host: collect.greengoplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 17 Sep 2022 08:01:19 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.kraftstones.com/wp-content/uploads/2020/02/fevicon.png
103.195.185.18200 OK 43 kB URL HTTP/2 www.kraftstones.com/wp-content/uploads/2020/02/fevicon.png
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 140 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f920895d3ad7c34308eb28f069ab608
d49a571213ced5e680f929671351028186ea79ac
178645358a4bdff5de056cfcb911de1f61982fb4e23ff14bd6e6d609ff56b494
GET /wp-content/uploads/2020/02/fevicon.png HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 28 Feb 2020 10:23:22 GMT
accept-ranges: bytes
content-length: 42872
content-type: image/png
date: Sat, 17 Sep 2022 08:01:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
103.195.185.18200 OK 98 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
GET /wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.kraftstones.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Thu, 22 Dec 2016 11:20:34 GMT
Accept-Ranges: bytes
Content-Length: 98024
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff
www.kraftstones.com/wp-content/themes/salient/js/init.js?ver=11.0.4
103.195.185.18200 OK 158 kB URL HTTP/1.1 www.kraftstones.com/wp-content/themes/salient/js/init.js?ver=11.0.4
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (348), with CRLF line terminators
Size 158 kB (157714 bytes)
Hash a407dc54dbe6b5625ff24a02ff2126d9
c4593e4f8c1e258d1c14628618defe40f544e42e
50fc9fcb2db12eecbf5852528680e8b7d50fa3034718d4478b9f7e89f43d6323
GET /wp-content/themes/salient/js/init.js?ver=11.0.4 HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.kraftstones.com/Verify/M&T/login.php?online_id=bc3b64d8522ea74674cffadaf&country&iso
Cookie: _ga=GA1.2.892319584.1663356869; _gid=GA1.2.653465649.1663356869
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 08:01:19 GMT
Server: Apache
Last-Modified: Thu, 03 Oct 2019 01:58:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 17 Sep 2022 06:41:12 GMT
expires: Sat, 17 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 4808
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=801067281&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kraftstones.com%2FVerify%2FM%26T%2Flogin.php%3Fonline_id%3Dbc3b64d8522ea74674cffadaf%26country%26iso&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Kraft%20Stones&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=QACAAUABAAAAAC~&jid=1179640866&gjid=542533482&cid=892319584.1663356869&tid=UA-174892953-1&_gid=653465649.1663356869&_r=1&gtm=2ou9e0&z=1773664050
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=801067281&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kraftstones.com%2FVerify%2FM%26T%2Flogin.php%3Fonline_id%3Dbc3b64d8522ea74674cffadaf%26country%26iso&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Kraft%20Stones&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=QACAAUABAAAAAC~&jid=1179640866&gjid=542533482&cid=892319584.1663356869&tid=UA-174892953-1&_gid=653465649.1663356869&_r=1&gtm=2ou9e0&z=1773664050
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=801067281&t=pageview&_s=1&dl=http%3A%2F%2Fwww.kraftstones.com%2FVerify%2FM%26T%2Flogin.php%3Fonline_id%3Dbc3b64d8522ea74674cffadaf%26country%26iso&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20Kraft%20Stones&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=QACAAUABAAAAAC~&jid=1179640866&gjid=542533482&cid=892319584.1663356869&tid=UA-174892953-1&_gid=653465649.1663356869&_r=1&gtm=2ou9e0&z=1773664050 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.kraftstones.com
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://www.kraftstones.com
date: Sat, 17 Sep 2022 08:01:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
khms1.googleapis.com/kh?v=930&hl=en&gl=IN&x=2899&y=1734&z=12
216.58.207.202200 OK 14 kB URL HTTP/2 khms1.googleapis.com/kh?v=930&hl=en&gl=IN&x=2899&y=1734&z=12
IP 216.58.207.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash d06df42c9b71b105c7825d1cd7a9cfa7
dd2fa602f21ad87b9f85e8ffac3ac57b0104f2e5
5909417ae5c70e2901a26ca7febeb16d020274c867e17a97cb15b009c3d8a800
GET /kh?v=930&hl=en&gl=IN&x=2899&y=1734&z=12 HTTP/1.1
Host: khms1.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
expires: Sun, 17 Sep 2023 08:01:20 GMT
access-control-allow-credentials: true
date: Sat, 17 Sep 2022 08:01:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
cache-control: public, max-age=31536000
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 14424
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-32x32.png
103.195.185.18 200 OK 3.2 kB URL HTTP/2 www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-32x32.png
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c22954b59d86cf9c1a0e8cd16d5ca172
d671b465a0fc3ea1483da487a329131c84528572
d878d226f41b07cbb3a43c4e790ff3e315b75f34b54dce2cb53c3ce8bd3c5ef2
GET /wp-content/uploads/2020/02/cropped-fevicon-32x32.png HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 Feb 2020 10:23:48 GMT
accept-ranges: bytes
content-length: 3174
content-type: image/png
date: Sat, 17 Sep 2022 08:01:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-192x192.png
103.195.185.18 200 OK 60 kB URL HTTP/2 www.kraftstones.com/wp-content/uploads/2020/02/cropped-fevicon-192x192.png
IP 103.195.185.18:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type gzip compressed data, max compression\012- data
Hash 0854309ec0056bbec837f943aef75a74
233dd57f14101aaafb25b292136975173a06de03
8ac023f1acc2fd7e4c2c741aef8294db2d1a3cc886fcf3ae4d48faacac1b6866
GET /wp-content/uploads/2020/02/cropped-fevicon-192x192.png HTTP/1.1
Host: www.kraftstones.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 28 Feb 2020 10:23:48 GMT
accept-ranges: bytes
content-length: 58551
content-type: image/png
date: Sat, 17 Sep 2022 08:01:20 GMT
server: Apache
X-Firefox-Spdy: h2
load.bettershitecolumn.com/slash.js?v=0.9.7
91.211.91.104 200 OK 2.1 kB URL HTTP/2 load.bettershitecolumn.com/slash.js?v=0.9.7
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with very long lines (6368), with no line terminators
Hash 493c7ea62e92db6d1d97c7eec333e323
aa97703f2185add6def20ad1685114fd369ae920
c0764019c75e8cd15b54fee21e9d9f18952ace99ed86fdfac36645f5d7a95690
GET /slash.js?v=0.9.7 HTTP/1.1
Host: load.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.kraftstones.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 10:59:21 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6311e209-18e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
91.211.91.104 302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
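Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B body of this response. They identify no content and should not be used as indicators; the same triple recurs on the other 0 B responses in this capture.)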
GET /track.php?aid=98823&uid=46536-433-636474-23 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kraftstones.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 17 Sep 2022 08:01:22 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
91.211.91.104 200 OK 816 B URL HTTP/2 away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 91226cf2c0e580b2dea3484ad88f5087
8df2d7b6fa0899a30ad95f8304688334e8b974fd
03f70f06899601776fe928b087bee7f249277efae9904d3f3b36f30c298fb472
GET /track.php?tid=54889&lid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kraftstones.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:23 GMT
content-type: text/html; charset=UTF-8
content-length: 816
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eda48eedf3cf8c139cfcf6c046d41de9
c191f1527393de6f7ba824b41969f0392ffe6d6f
ad5554189542dd74556e6058733c3066e34c1064196c2cc209c42d013ab01cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD5554189542DD74556E6058733C3066E34C1064196C2CC209C42D013AB01CC9"
Last-Modified: Wed, 14 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12001
Expires: Sat, 17 Sep 2022 11:21:24 GMT
Date: Sat, 17 Sep 2022 08:01:23 GMT
Connection: keep-alive
silverlinetogther.net/b81698fd2.js
185.177.94.152 200 OK 54 B URL HTTP/2 silverlinetogther.net/b81698fd2.js
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 30c1fd0f847f40d79960103f317ec07d
a0d13efcd4192c63adc1eabfb05717ad1cebd931
556ec061bb60ac3e9a1769e325fa43e4e6c1351216161560bdd37356956dbd1f
GET /b81698fd2.js HTTP/1.1
Host: silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=ef0aba8d-f80b-4a98-802b-44567753a253
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 02 Jul 2022 04:59:02 GMT
etag: "62bfd096-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
silverlinetogther.net/favicon.ico
185.177.94.152 204 No Content 0 B URL HTTP/2 silverlinetogther.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverlinetogther.net/go/he2tszrzmq5dcmbugayq?sub2=slicer2
Cookie: uuid=ef0aba8d-f80b-4a98-802b-44567753a253
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Sep 2022 08:01:23 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a224e609d39fa21d7588b75cca1f54e5
d1123a92949a5fc3e20e5c760063c5df2b162b7a
e18400bf51942b4efa39d2c7debbef1e4eca280b0e2df5bf5839fbbe79640ed9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E18400BF51942B4EFA39D2C7DEBBEF1E4ECA280B0E2DF5BF5839FBBE79640ED9"
Last-Modified: Wed, 14 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11524
Expires: Sat, 17 Sep 2022 11:13:28 GMT
Date: Sat, 17 Sep 2022 08:01:24 GMT
Connection: keep-alive
browork3er.cc/sw/bro.js
212.129.18.219 200 OK 1.4 kB IP 212.129.18.219:0
Hash ec901f280a7e5f4510141413740becf5
bf7a84a9586f46bedee7218a9e365def0bb93ac2
6ba759c09330d6d98b026462b8584a18119a6256df96604235cd37b0be12cae7
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverlinetogther.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Sep 2023 08:01:24 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.silverlinetogther.net/favicon.ico
185.177.94.152 204 No Content 0 B URL HTTP/2 0.silverlinetogther.net/favicon.ico
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 0.silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.silverlinetogther.net/index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer2
Cookie: uuid=ef0aba8d-f80b-4a98-802b-44567753a253; uuid=ef0aba8d-f80b-4a98-802b-44567753a253
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Sep 2022 08:01:24 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 575a5ca0df86cb149f925b1b952d88c0
677d323e7c5fc9bb8e0bb608e4be45a33f003c41
2a0802799884194a56cf19520b2e8b1ead797dd6a1084fa59262edfe7abd6509
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A0802799884194A56CF19520B2E8B1EAD797DD6A1084FA59262EDFE7ABD6509"
Last-Modified: Thu, 15 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11945
Expires: Sat, 17 Sep 2022 11:20:29 GMT
Date: Sat, 17 Sep 2022 08:01:24 GMT
Connection: keep-alive
di1.biz/favicon.ico
185.177.92.179 204 No Content 0 B IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: di1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di1.biz/?auf=mjsteolcgu5dcnrqgixtcmbugays6mrqf44tgm3eguztmyrpgi2c6mjwgyztimbrgy4di&p=b&sub1=&sub2=slicer2&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=3aa369ab-fc27-4b53-83c0-e46cf09364a0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 17 Sep 2022 08:01:24 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
browork3er.cc/sw/bro.js
212.129.18.219 200 OK 0 B IP 212.129.18.219:0
GET /sw/bro.js HTTP/1.1
Host: browork3er.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.silverlinetogther.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sun, 17 Sep 2023 08:01:24 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.silverlinetogther.net/index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer2
185.177.94.152 200 OK 0 B URL HTTP/2 0.silverlinetogther.net/index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer2
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
GET /index.php?p=he2tszrzmq5dcmbugayq&sub2=slicer2 HTTP/1.1
Host: 0.silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://silverlinetogther.net/
Cookie: uuid=ef0aba8d-f80b-4a98-802b-44567753a253
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:24 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ef0aba8d-f80b-4a98-802b-44567753a253; expires=Mon, 17-Oct-2022 08:01:24 GMT; Max-Age=2592000; path=/; domain=0.silverlinetogther.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
di1.biz/?auf=mjsteolcgu5dcnrqgixtcmbugays6mrqf44tgm3eguztmyrpgi2c6mjwgyztimbrgy4di&p=b&sub1=&sub2=slicer2&sub3=&sub4=&cpc=0&cpm=0
185.177.92.179 200 OK 0 B URL HTTP/2 di1.biz/?auf=mjsteolcgu5dcnrqgixtcmbugays6mrqf44tgm3eguztmyrpgi2c6mjwgyztimbrgy4di&p=b&sub1=&sub2=slicer2&sub3=&sub4=&cpc=0&cpm=0
IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?auf=mjsteolcgu5dcnrqgixtcmbugays6mrqf44tgm3eguztmyrpgi2c6mjwgyztimbrgy4di&p=b&sub1=&sub2=slicer2&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: di1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.silverlinetogther.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:24 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=3aa369ab-fc27-4b53-83c0-e46cf09364a0; expires=Mon, 17-Oct-2022 08:01:24 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
silverlinetogther.net/go/he2tszrzmq5dcmbugayq?sub2=slicer2
185.177.94.152 200 OK 0 B URL HTTP/2 silverlinetogther.net/go/he2tszrzmq5dcmbugayq?sub2=slicer2
IP 185.177.94.152:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Malware
GET /go/he2tszrzmq5dcmbugayq?sub2=slicer2 HTTP/1.1
Host: silverlinetogther.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 08:01:23 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ef0aba8d-f80b-4a98-802b-44567753a253; expires=Mon, 17-Oct-2022 08:01:23 GMT; Max-Age=2592000; path=/; domain=silverlinetogther.net
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2