Report - kruewancurtain.com/

Report Overview

Submitted URL
kruewancurtain.com/
IP
104.21.60.114
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-26 02:10:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
kruewancurtain.com	unknown			7.3 kB	233 kB	104.21.60.114
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	49 kB	34.120.237.76
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.6 kB	3.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	364 B	1.1 kB	142.250.74.10
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-10T13:32:40Z	406 B	6.9 kB	104.18.11.207
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T13:37:03Z	1.6 kB	88 kB	216.58.207.195
www.w3counter.com	176316	2012-05-22T21:50:39Z	2023-03-09T04:58:13Z	363 B	661 B	104.26.7.93
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.3 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed
2022-10-26	medium	kruewancurtain.com	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1	3.5 kB	2023-03-07	2024-04-21
Pretty URL kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1 IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:00 Last Seen2024-04-21 11:44:36 Times Seen277 Hash dbfc65337a326c1c5b7a720becb486cd 40f1aa033240d056477cbbc8ea0a02e4efddf66f 44d8986e61b7b212a93ba0c3a3a9c880420451d7efa7938d711dd03e655c0969 Loading...

	kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2	16 kB	2023-03-07	2024-04-18
Pretty URL kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2 IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:17 Last Seen2024-04-18 07:54:29 Times Seen1225 Hash 28c3a79b698984aeea534457071a9fb2 ee62a28760e7263f10307a988b244f1f0237601a e3d3660aee33ed4ad14e6dadf15503bf26d877be610ff8c69db18653cc8b8915 Loading...

	kruewancurtain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-21
Pretty URL kruewancurtain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-21 18:36:10 Times Seen15482 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	kruewancurtain.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-04-23
Pretty URL kruewancurtain.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-23 10:23:53 Times Seen27385 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	kruewancurtain.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-22
Pretty URL kruewancurtain.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-22 15:34:31 Times Seen31788 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	kruewancurtain.com/	2.1 kB	2023-03-10	2023-03-10
Pretty URL kruewancurtain.com/ IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:04:55 Last Seen2023-03-10 15:04:55 Times Seen1 Hash 0abe601f8c08bbc423c3229e3972fac8 3fee2daba07cf4d8b41994e26181daa9285eb785 d0178b8545cea019158fd88c826068bfbb9f4e8bb18f4405f6895fc9b6cfec02 Loading...

	kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097	1.9 kB	2023-03-07	2023-12-27
Pretty URL kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097 IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:44 Last Seen2023-12-27 11:13:48 Times Seen137 Hash 48bc9e9d8beb4a741f8a1a120b02d928 50bb3a7ec50f899dbcb158810fb36ce43fa0eaae dde3c511ec41476049936d42ec7eb5fe292454bc990d42684b4250926a50c1aa Loading...

	kruewancurtain.com/	1.1 kB	2023-03-10	2023-03-10
Pretty URL kruewancurtain.com/ IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:04:55 Last Seen2023-03-10 15:04:55 Times Seen1 Hash 65cbba7dc74d045e9b2ee2958d62dfd3 31e84522ca842afd92b9f4f3cdda7afe5cf05495 3aff4dad4189d1898767b19721c05e921b7ae2e781e8e349eba1133218f19b9c Loading...

	kruewancurtain.com/echarts-lonjslone.js	11 kB	2023-03-10	2023-03-10
Pretty URL kruewancurtain.com/echarts-lonjslone.js IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:32:27 Last Seen2023-03-10 15:04:55 Times Seen1 Hash 37e581a8c4e27c1efc65543628a361e9 b9f4cdf24307877d4cc3793357f5170b0e211a57 d307b8d0d9a6b42dd607cfa9b943fb18831736a3b18c1f500231c177e2f3610b Loading...

	kruewancurtain.com/	57 B	2023-03-07	2024-04-20
Pretty URL kruewancurtain.com/ IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:11 Last Seen2024-04-20 17:46:30 Times Seen1415 Hash 2d313be4b5d93e9b681de954aaeb3006 1e0508be1026244daf1812f988033612c3945bdb 9059d0d74efaf0e229d59a9c05ace7b975b42ccacea21e01aa64c56b2157048c Loading...

	kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097	129 B	2023-03-07	2023-12-01
Pretty URL kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097 IP 104.21.60.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:27 Last Seen2023-12-01 15:48:07 Times Seen26 Hash 57ec1ebdca32e08c4ad92587d88e4313 881eba48addca05e32e6dadc0128075b3f3cc3d4 8865cda06dab368058448485494dcdaa0b7fc42613ff2684df0c7e7a2c87b900 Loading...

HTTP Transactions (48)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3000
Expires: Wed, 26 Oct 2022 03:00:48 GMT
Date: Wed, 26 Oct 2022 02:10:48 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4345
Cache-Control: max-age=117168
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:48 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:43:36 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5430
Cache-Control: max-age=118253
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:48 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 11:01:41 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16370
Expires: Wed, 26 Oct 2022 06:43:38 GMT
Date: Wed, 26 Oct 2022 02:10:48 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mKSIj+ANVcMDM6K5XGSQugGgKjb8k3z6KkZo6/w+Zvqab1f80TcRIoADLctGcyZaMP6SnhNu0DA=
x-amz-request-id: EB13EDRBG650VG29
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 02:09:11 GMT
age: 97
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 02:10:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9

142.250.74.10

200 OK

535 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Montserrat%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
535 B (535 bytes)
Hash
62df4682a8522aa8606ac4311f526e73
8c1ce50400fde634026e1441c62974b60a517ef6
21fb36ca0e4f6dbe94b636ff9c18e3c573a681c89da885577e01ca9447b2723f

HTTP Headers

GET /css?family=Montserrat%3Aregular%2C700%2Cregular%2C700%2Cregular&display=swap&ver=3.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 26 Oct 2022 02:10:49 GMT
Date: Wed, 26 Oct 2022 02:10:49 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
cef0dba9b87a937ecde01b1b559a2c64
8a793058d49bf6c8e5cd310959c2548294d0d982
83021fdaf93c7f8abb8dd6d659f3c49eada1d18f98b2a2340b0c644f7ab6bd2d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5723
Cache-Control: max-age=105947
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:49 GMT
Etag: "63577ba9-116"
Expires: Thu, 27 Oct 2022 07:36:36 GMT
Last-Modified: Tue, 25 Oct 2022 06:01:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
cef0dba9b87a937ecde01b1b559a2c64
8a793058d49bf6c8e5cd310959c2548294d0d982
83021fdaf93c7f8abb8dd6d659f3c49eada1d18f98b2a2340b0c644f7ab6bd2d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5105
Cache-Control: max-age=105329
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:49 GMT
Etag: "63577ba9-116"
Expires: Thu, 27 Oct 2022 07:26:18 GMT
Last-Modified: Tue, 25 Oct 2022 06:01:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 600
Cache-Control: max-age=108359
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 02:10:49 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 08:16:48 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.11.207

200 OK

6.0 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26548)
Size
6.0 kB (6017 bytes)
Hash
b4489cda98c3b8b796721ec11c7d1430
16379920b2586c49efcf1ec3d2f0050fa70ac32a
81eba44d68b0fea1b78d903e1c50c0ce602af69bd0305b3f84aa35ba2afd4682

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kruewancurtain.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 02:10:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 12197001
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75ffa8625aa4b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kruewancurtain.com/echarts-lonjslone.js

104.21.60.114

200 OK

5.4 kB

URL HTTP/1.1
kruewancurtain.com/echarts-lonjslone.js
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (11257), with no line terminators
Size
5.4 kB (5350 bytes)
Hash
97539dae141d05206d3b9602fcac83b1
d82197f6deb43f1fed195c4ecf2e6bc534b51abb
eb571e02ffbea9598f457cc45a1272fe9c644d967970a3bbf1165198204f7dbc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /echarts-lonjslone.js HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:49 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
X-Powered-By: Nginx
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHPwlLCoPreCeuOqnwM7Zo544YSdp4GI59U4GVHpV2HTBnSdpYJ3%2Fm3wNAHy1JqV%2FMSYzg96UsOeWj8U7ssKqQVlFeAr4ElagwGJLbijLpD6B%2FFNVo6jKxQQxTvR6hxZBW4MvNI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861eb83b4f7-OSL
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/plugins/manga-config-website-plugin/assets/css/styles.css?ver=6.0.2

104.21.60.114

200 OK

1.2 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/plugins/manga-config-website-plugin/assets/css/styles.css?ver=6.0.2
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1185 bytes)
Hash
c0c87dcdda2f31474c5b4fd3f0c0d2c3
9263d29fd36f3591417d6a7b2dbca64d0903841a
d58cb11d80e5bd1b747bf24ec709f55df35bd629b40102fe20248eaa65d9cae0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/manga-config-website-plugin/assets/css/styles.css?ver=6.0.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56f9b87def8"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFR6ujnqdEQqmSs5IPFFXIjGt%2BWCo%2BxxQd%2Fo8aMRJ8B6GJgwVCo0DJoTWiaGXo2mwCqn%2BBTwqT2PhQk%2FzgwR%2FBQEFgXsMkDoks11sYaNvSHftF4mUR6NrMOA%2BY8sPUYrfiSCP0A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861eb80b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0

104.21.60.114

200 OK

2.5 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.5 kB (2491 bytes)
Hash
a423f4c43ba074ccd0b38a54b97ebee7
14aae5ee0a6b7f74916849b3725d1d1805ef11f8
c6089d9635f166447eba08106a69f2f220109788170eba587a7d84e2a1f4c992

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome-child/style.css?ver=3.0 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56f9b772e2a"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i%2F6RA38j%2FOUlsIasZYmVJr4T4OHp7QoKMy6Rc15dIezrLkp27%2B%2FkmWkVlgnfV3IFsWSzbfv1j88pRZGs2E6HRfKEc%2F2U1F86nWIAzMDpavMYmpouAy7pX618PDNr2aav7d%2FKoM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861ea7db4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/

104.21.60.114

200 OK

39 kB

URL HTTP/1.1
kruewancurtain.com/
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14136), with CRLF, LF line terminators
Size
39 kB (39226 bytes)
Hash
e38148c6d7554ecb513e62fd199c0cf5
33e031176cbff0c993f8d69d1248b3916afe849d
e6ef703cb32d2b1e93c72c2d1417dede2a614a8d0b7a645bda374b615264a6ce

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Nginx
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4wFD1L5wtiEfWDsoJKy0jPiSCVvIppTx4jFoYKq7QKmMUGFjjfFWq99vyFmgHGhnCwRiwSq9oGss%2FgQBHFqYRpEY%2BMlOSyWc38OJ%2FLbevdzJuebF%2Bt02Nw2iNGhEvarm87QEAM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ffa85d8d71b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

104.21.60.114

200 OK

31 kB

URL HTTP/1.1
kruewancurtain.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
31 kB (30900 bytes)
Hash
141fb600108e5cdbb4af358f6aeb240f
b4f991f17b786fdec01fb0ac726d407265ebe64a
3365d55bebe1cd8c3ce765c7df5fb4c823236392ba36c978ea64706682e84695

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:50 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673a5fb896"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BQ2py5g7bNUHea%2FOHAzOzuvPtF3gvIFQClX3qI7pY2WrlEsnVNisPNTcADZhqoos51KPDk%2B793eBRbIKJGivRig4VuexMs8WHP8WbgoTAJ9Xajw7Rh2ERZUrVyXVXKV9by6ozo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861fb650b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10351
Expires: Wed, 26 Oct 2022 05:03:22 GMT
Date: Wed, 26 Oct 2022 02:10:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48cd6d0a-5e38-4eda-b349-0efb558678c9.jpeg

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48cd6d0a-5e38-4eda-b349-0efb558678c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7042 bytes)
Hash
9d4241ae7c2236e38cb6df2a3ecb5c8d
a19ff057587a29f7193f4b2c9755a4f216cc6c59
59aece251cdd8887c545e84bb5113f41b3a6b6af14f60161398b1bf2a5771484

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48cd6d0a-5e38-4eda-b349-0efb558678c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7042
x-amzn-requestid: dc5f1520-35a5-4432-acc8-9361f504d857
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alLEXH1RIAMFkIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585882-5f381fca2cf0db212fedb38a;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:43:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fMWT07LAcOSq_VD9gNZ41MIj1p9PQVO6iwkAaLQAl2jzHKqxuuqp4g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:50:23 GMT
age: 15628
etag: "a19ff057587a29f7193f4b2c9755a4f216cc6c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6831 bytes)
Hash
1cc61ad4b1d66ab4bce27288ee690e12
324e13ad5c99f628d713e55a2994ad4042ece70e
62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:52:53 GMT
age: 15478
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6737 bytes)
Hash
09cb7bc8ddfe92c1130dbabd27512fc4
b8eec3e24a3960e1a65b8ae69a0e9648275d7af7
cd6b9cc817d8ce64a8a8f51cbee96343fc26b51d9f2dc8f905303c3c28f5b6da

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2792ca2-a8f4-4e81-bcd4-6622a0af2bb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6737
x-amzn-requestid: 7cc81b57-158b-4304-95dc-c0373f710537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alL-kFQPoAMFt7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635859f6-5b43711d2040d32f7a7cfcbd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:49:42 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: v7QWR9jPfLG67Woq6TFAFpG2j82t7l2RCYtg_WXBZcgEIR7WuLrwuQ==
via: 1.1 94be61e339880d0097634de6934f7710.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:52:53 GMT
etag: "b8eec3e24a3960e1a65b8ae69a0e9648275d7af7"
content-type: image/jpeg
age: 15478
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3337 bytes)
Hash
494a826ce7609ee5cc8157ea5de5f4f7
3d28f2daeef33f37c91bd26cb527793288635103
09f702f40e29e6b0c27abc5c7bb4605e504453b543c92805ba4045bd3d65c4d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 5a06b710-2b88-435e-8863-3e0e58742e6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ21FjooAMFp8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585691-2adc1ac2375e087b20ad0e32;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:13 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iVIdtyyk_ph8AiTsWdQgDfWFHVIMh2pw4yrkufwogd3rsZFXwslwkg==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:46:52 GMT
age: 15839
etag: "3d28f2daeef33f37c91bd26cb527793288635103"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13796 bytes)
Hash
b946c4f2f177828cf7b76c5764e97157
c3856686b98e1883133aa1824c496d34512769a0
be818a015fc9c745ea561a0b9c2aca6ba25ade24acd696fa651163d47b195371

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc635673e-499c-4d9c-8bc5-a713fb19e221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13796
x-amzn-requestid: 90b1e032-78c6-499d-b564-f25c15e20304
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2OG0SoAMFx-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358568e-599d0f526fc6a01f77b67dcf;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qxBQMJAnYNJVLBf5LSOTC7v3hPl9sh-G-OIqrK7d5KpdVITaQCcGMA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:47:18 GMT
age: 15813
etag: "c3856686b98e1883133aa1824c496d34512769a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4524 bytes)
Hash
91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:34:40 GMT
age: 5771
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kruewancurtain.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.2

104.21.60.114

200 OK

31 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.2
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31417 bytes)
Hash
293e33b981bf394a8db258adf059b7c5
797589110654860c9356a564f75a654c4f7ec087
a3f1f1dd5ab0ff835393d38878907f117c255cd9ad5e9c23f08264224a6b760b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56f9c122a33"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkR7zgzJN1P9K6MZd2pneqMleVWgwFTHW4H%2F0tx6kwM3c6PemT3vpyus1UqdJvoyuTBCQgpIQjSBE7ArUaccQ3nUow21PH8pr6ffgVEHS56%2BkCvjBVW5%2FzwNeHkHmMhWZ7ZlVic%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa861e971b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/uploads/2021/10/logo-topnhacai.png

104.21.60.114

200 OK

82 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/uploads/2021/10/logo-topnhacai.png
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
82 kB (81482 bytes)
Hash
d89b0140c30f1dc6b38057c1ae52f28b
4c2c9d2b129d9fabd3aa672c222772a3b144f996
33c6cfb8b4934fb178c8b747d581df623348d292341cf4f17a84d2ac2c7efec4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/10/logo-topnhacai.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9eb02cbf"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wW%2F%2FiVGF1x8i5OSZEm%2Fo8ryZ66AF6xojQpayCYP90YzJ4A4yeCrEqh2hmLU7Q%2BOAaeE0PBs%2BNW2I6ZFaWqE9Anm29qHedPBic7OihaP68t75LzXHyBJAcK6NazZU0B2%2B3hn9k98%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8734a970b41-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/1.1
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 20 Oct 2022 16:52:38 GMT
Expires: Fri, 20 Oct 2023 16:52:38 GMT
Cache-Control: public, max-age=31536000
Age: 465497
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

216.58.207.195

200 OK

25 kB

URL HTTP/1.1
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25036, version 1.0\012- data
Size
25 kB (25036 bytes)
Hash
9dd150fb7229e143e0f71ba1fe8c8f63
664abfc4941054600213dda51a3d6f0d05b3c312
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25036
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 24 Oct 2022 05:55:06 GMT
Expires: Tue, 24 Oct 2023 05:55:06 GMT
Cache-Control: public, max-age=31536000
Age: 159349
Last-Modified: Mon, 11 Jul 2022 18:59:41 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/1.1
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7764, version 1.0\012- data
Size
7.8 kB (7764 bytes)
Hash
0ce128326f68d416deb04f6dba51c4a2
749cee74b13139cb507069a41752920825bcea64
56544b89de11e26ae80a5212b3387d693b1bfbaf68312e3ccc0f0b7a00382f5d

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7764
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 21 Oct 2022 12:52:15 GMT
Expires: Sat, 21 Oct 2023 12:52:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 11 Jul 2022 18:56:32 GMT
Content-Type: font/woff2
Age: 393520

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

216.58.207.195

200 OK

21 kB

URL HTTP/1.1
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21276, version 1.0\012- data
Size
21 kB (21276 bytes)
Hash
59c9b83cc112cf7eeb3bf7a5e96b21fe
771790b776b5e1bc3039c337024e400974184208
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kruewancurtain.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21276
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 20 Oct 2022 17:49:37 GMT
Expires: Fri, 20 Oct 2023 17:49:37 GMT
Cache-Control: public, max-age=31536000
Age: 462078
Last-Modified: Mon, 11 Jul 2022 19:01:17 GMT
Content-Type: font/woff2

kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097

104.21.60.114

200 OK

941 B

URL HTTP/1.1
kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1666)
Size
941 B (941 bytes)
Hash
8440a23ab4f645c046b0229443a9328e
82c0aa0f85a1f1b4f7dbdc21fdd550be0cc04698
4b21f0c086f04badb3549774131a76dee5a0dd6a1a3cb44ca8a978d255266f03

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/blankshield/blankshield.min.js?ver=4097 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673ad6f09c"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcHkBt%2B6oS20n9pLW%2BDH%2BGyWqzy5CYqv0YGe1GNxIvM6N4yWlvZ9j51TH8zu%2BKLXXlJSP3IGmI72TqHiPU6t9cLifAVEcpjuyEFqq3WLvOLQ5haZCAo4q6Xtyug4Aw5QbDwBBGY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88568d10b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097

104.21.60.114

200 OK

136 B

URL HTTP/1.1
kruewancurtain.com/wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
136 B (136 bytes)
Hash
f30b00232367943dff1496acf71eac2d
81d2a2fccab924734354747cef96c922670ffadf
3d637df7065880afe4b346ff51e6162295e91a39ae251b9c0ac2efbcfee6bf6d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/ithemes-security-pro/core/modules/wordpress-tweaks/js/block-tabnapping.js?ver=4097 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673b423ca2"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmbrDnkO4dWfEFySvpZ2H5Aae3p7k5%2FYgLSl8nKE4mJez1CVnpto4bo8uBcGdzSNRXXHBpQyGtdfiicASjSVu%2FfTgEMmtQZaST%2BxQI7%2BiWJAFmoIYT6KpcXjdVx6cMC6QgimNIo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8856fe7b505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1

104.21.60.114

200 OK

1.0 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.0 kB (1024 bytes)
Hash
b41e6b8b14e037115967ce8e9069d021
be4b6a31f3d3e9ba540c3fb2016b7f18e1d396b5
8d0edbf6cf14801fe2124cacd0272c496e433a1a9008d02035920284aee2320c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome/inc/extensions/flatsome-instant-page/flatsome-instant-page.js?ver=1.2.1 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:55 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673bd873e2"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUdxT3qmyS2Djz%2BV1Zmj4%2Frka82Cypn31znRTOQES%2BkluEZiE%2BfDmNacYTqP7L6o5bhDxEo15AjAMDoMwx0m%2BY0PmQfYjD%2B62d7SPmL8bRnqCRzvS59uqIIniRIN7HthTbF%2FB2A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88569e0b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2

104.21.60.114

200 OK

5.1 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12801)
Size
5.1 kB (5122 bytes)
Hash
0223e76f11026b70ea9a0ccbade32a92
c0f3844f7520efcf0f667733b0ee19a883d106b2
c1cb34252c5f8d716e9565156a996ed1d5216c58da5321219e3c94b9bbe1900e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673cdebbed"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BeKopy7%2FTgoJajx5UMMTgjtYxrG9goKVX5JDKZ788ditrknxj%2BFfqws8M4zdywzgVhGAIyaQFefHlLbhBA6vQM0E%2F91V8juvC6EyFdi0QzV7xjYectEZAcB%2BPzqBOulCbvSw%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa885692db4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2

104.21.60.114

200 OK

704 B

URL HTTP/1.1
kruewancurtain.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1464)
Size
704 B (704 bytes)
Hash
8a17c6b2e72d8f5e956b6dc951cad954
5ab730e86399c4e5897248b6d45bc31a6cceb81a
54923b4fd0ecc397f9c1b6a40eab70315d82edc4f5cf8dc3343e76977317771a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673f64e677"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjf2Ixt8Djc1MS4GhGnpjMjurpanLdB7cntLVjTr8j6gNI%2FS%2FojSg4xqJ6ZNAeW9rBp5cPUkuk57D8SnBAs2gkteXn2jKj22FCKHOCv569GeTb6PJhUOMKrhKN2vTNxHoN4H0gA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8890a890b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

104.21.60.114

200 OK

2.4 kB

URL HTTP/1.1
kruewancurtain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2438 bytes)
Hash
6b0c5288bb5f4619cd7d10c077b2858b
f5fa1550d81a04d13d0d7273c32005722b910022
69c224d56ae4f660970896b60da2cabeb296fd95673a8ea23519db8f4f285b24

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673de9c8cd"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmFIl6go0ne8vmCWaA9m3rGgX4XkWKHjf6cNA1FA%2BEM9aGXwcy0%2FHdF6AsoEbCy0dAryvYygsSlw16lybTwJE7eC4VjnDRMd59hvMWONeDQ5LoK9jHdgbx%2BA%2FTTMjP9t2CpDCtc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88569e2b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

104.21.60.114

200 OK

7.1 kB

URL HTTP/1.1
kruewancurtain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
7.1 kB (7069 bytes)
Hash
eaee4dc80ca00588e937b1d91255d62f
a6c0d7c8e0d3250c07a2c4863611db3db1adea48
28fe5891dbd0e4bb5729dc8ee7c324ae1a1f62d9a1482d90d455a0a4aa6c984a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab5673f1d5e73"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoDQqzbsbbGY4K9SIusPjKT4mAuq7OEGC0f%2Bw3k9kgHveyLEuI6mh44YadqlXucbS28hQxBFWJeyjofrJcxth8uT50V5lyVcdfhpQcok0dPAn79trO8LP%2B4ioxIan2Vkc9mj9L4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa8856fa8b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.14.2

104.21.60.114

200 OK

596 B

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.14.2
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
596 B (596 bytes)
Hash
5fc68c42405590262ab2ac0a7817887f
18e9ea9afa90b625f312cee95a7ddccd3df39bdc
ee04db5a90424e77cd884d37edcc389b0e791aeff359ace182e697982c0fc862

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56738ebc21b"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQhytFZIOPn4eTrN4FrPRM3zTda0YyKDSjSnsjotWVTNzmWpyK0tGIaJ%2FE1hnYwrl8FB%2BXTEnZ%2BIiWkFBRLQ6%2BIj1Uv%2BwUBOvQBNFCTc986AOf5QUsuQ7AFCdQdJ869jXJFEMCE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88bec31b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.14.2

104.21.60.114

200 OK

6.2 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.14.2
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 6752, version 1.0\012- data
Size
6.2 kB (6219 bytes)
Hash
daf0c4d893e9e129358e918fa41cc57d
1718865c91e3a17e4bfffd1313192e3fba47cd65
4dd1efbcfd9d74395589ab61fc374cfdb03b93e26b89d279b29d4d764b941507

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.14.2 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: text/html;; charset=gb2312
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Wed, 26 Oct 2022 02:10:56 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfRc6KjEw42CSw1axrH2455X1%2BVZwpeJ2louCVCOA0Y2ZIf5yEJrYDYuhdRUS2Y%2FlvdaaMYfZrJ8fjVGxq%2FwWRIScrAi0gkI4mHG3d2BSm9ilMT%2FonS8J6n52b7p3h%2FWGs0rEv4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88c8c61b4f1-OSL
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome-child/images/bottom-pattern.png

104.21.60.114

200 OK

1.0 kB

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome-child/images/bottom-pattern.png
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 57 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1046 bytes)
Hash
67d44df001d31f0e2f60bdf198c361c2
f8524fd787e41d2096f82684a0a3a90b71e0064a
7c2d270422dfd28f50a74a28ab0d11614c639d2b5ec7a8e6b00566fe7197089e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome-child/images/bottom-pattern.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9e6fcbf2"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF6gi0SZyoCGdA%2BsmPE8nhemH2ZEP05hn1HVd7mVCt3AqKrz91dncRiGRkvkHsIeFnkHJCBJv%2FDKWyZHshBssQ8AmhUY%2BY1VzW5j3AVA2FlFjpp9qCMFXae2bO31hyfDMFHVPT0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88d5caab4f7-OSL
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_orange.png

104.21.60.114

200 OK

782 B

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_orange.png
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 30 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size
782 B (782 bytes)
Hash
1afe2a72dd09424358de47acdc3ada29
2c58498481be577f7edd19089e7cf551db7a4920
86940faa5b610270146e26d58a600eb78ed5cae833bbfc2d06aa069d4384e415

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome-child/images/medal_orange.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:56 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9e1530b6"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LVgts%2BAOns6fzD0rfitqpbiukEUhdQru8ARMYFMnuDy8fEVOs0MesjSjjAHNq%2FXzMbggBI%2FOG9MNXrv3eOKohk6u6naLNxY0mlQkqS11bf1vhZ5lH2Ad0IX%2F1wQvqvXWLNt7hs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88e8c1eb4fd-OSL
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_blue.png

104.21.60.114

200 OK

858 B

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome-child/images/medal_blue.png
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 30 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size
858 B (858 bytes)
Hash
c442adff28dd5ed700cb657a0fb383d5
8b57eabe045b49abe54bc7306780735ccd4af83f
f58400dc9b62c450ae42e129ee1b6ce1d131ff660bcb16fbdc5ed9f5b76334e4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome-child/images/medal_blue.png HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/wp-content/themes/flatsome-child/style.css?ver=3.0

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:57 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9e807cbc"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaY3%2Fd1y3EEF6jh%2BnnWY%2F1pbaVt9Essno7kk3TxR59n38w9vSfxRJracQuLkT%2F7A7%2BMsUiiGM6bGOkwAxRFagtoemHw6aJY0na8MGkcrZrFjyZ1q8MpjpVXJHfRbmaZIEpfpADs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88f8d5ab4f7-OSL
alt-svc: h2=":443"; ma=60

www.w3counter.com/tracker.js?id=146887

104.26.7.93

200 OK

0 B

URL HTTP/2
www.w3counter.com/tracker.js?id=146887
IP
104.26.7.93:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tracker.js?id=146887 HTTP/1.1
Host: www.w3counter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kruewancurtain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 02:10:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.3.15
cache-control: no-cache
set-cookie: SERVERID=s4; path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pkJhU1htXOBBvA98%2FdH0BXdHQAjAfVUvrXA7ExFhzuf16yh55ftS0bVf5dGiGfzpONKokMO0OyFZU%2Bm1eH9HSp8LjtyRRjWF9mjDeNsPbZH8V4TlfYa1JHUEvby1FI%2BPwgt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ffa8859b43b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

kruewancurtain.com/wp-content/uploads/2021/10/nen-nha-cai.jpg

104.21.60.114

200 OK

0 B

URL HTTP/1.1
kruewancurtain.com/wp-content/uploads/2021/10/nen-nha-cai.jpg
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/10/nen-nha-cai.jpg HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:57 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
ETag: "8dab56f9ec5a259"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DEb64c9a51HzMC4RPBmQPUNOoY7PNDEBsK4MTk1S2gLKotOkdKmV7mrD5TCTjbCzkIY2q1EnKL2AVnPSZUNku6iAv9%2B4o6oTmYij1C2juUuCi2JjzkMUyRgkq04ZNbJaRzRRfM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa88ccbe30b41-OSL
alt-svc: h2=":443"; ma=60

kruewancurtain.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=942e5d46e3c174a7d6798

104.21.60.114

200 OK

0 B

URL HTTP/1.1
kruewancurtain.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=942e5d46e3c174a7d6798
IP
104.21.60.114:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=942e5d46e3c174a7d6798 HTTP/1.1
Host: kruewancurtain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kruewancurtain.com/

HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 02:10:57 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"8dab56741278c2a"
X-Powered-By: Nginx
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0O8BGCC9eggKo%2BtnzgLknhOokVxMMXwiL2FRxc5mhWJ1Db3%2Bd1pMPOT69SPkn3nrjXLb%2BbBDrnf%2FQc2XU4qH4a4bXnMtBpX%2BXFhhrak%2BPk7VuFqvD4xCd6xZw%2F%2Bo9JnN7UMm4vU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ffa889199bb505-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations