r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12533
Expires: Sun, 27 Nov 2022 14:27:56 GMT
Date: Sun, 27 Nov 2022 10:59:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=87962
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:03 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:25:05 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12360
Expires: Sun, 27 Nov 2022 14:25:03 GMT
Date: Sun, 27 Nov 2022 10:59:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 10:17:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2485
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pW5ZsdQFj/1TthcO7tJD2cVK7L+Cg1woCQnUW+h3tzSuNL5sAlN55weUJWTQoKly7hofPEFu2yY=
x-amz-request-id: ZK8MYM4VG51MF55E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 10:41:36 GMT
age: 1047
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:59:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 10:11:12 GMT
cache-control: public,max-age=3600
age: 2872
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
researchdevelopers.com/portfolio/a-broader-perspective/
184.168.118.234 200 OK 37 kB URL HTTP/1.1 researchdevelopers.com/portfolio/a-broader-perspective/
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62303), with CRLF, LF line terminators
Hash 2bff151943f135ac8bdcc52c9eea4fcb
e65919d9b12cc3e77bab6038f78309e6ebed9ccf
7b92e1c68082c8ed2517b417e59c42644fcddedf6eca01835ed2f082ce7b2551
Analyzer Verdict Alert fortinet Malware
GET /portfolio/a-broader-perspective/ HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:03 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Link: <https://researchdevelopers.com/wp-json/>; rel="https://api.w.org/", <https://researchdevelopers.com/?p=573>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 37004
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
researchdevelopers.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
184.168.118.234 200 OK 4.9 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15224)
Hash 3179794486ec4ca8f59329ccd67ae3e1
4b9c6e22ee7966479ef9844259f39f19d584f4a4
6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 Jun 2021 22:15:12 GMT
ETag: "2da0c64-4705-5c4487ddedc00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4930
Keep-Alive: timeout=5
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4124
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:04 GMT
Last-Modified: Sun, 27 Nov 2022 09:50:20 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
researchdevelopers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9
184.168.118.234 200 OK 11 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (35768)
Hash 75e30f798fd1725a8b1ea1936dc530b6
77346f179af94905a0ad6c6acdf8ed96813392d5
2b8c9b5f79d9e61085c9383201c801c9c8d7cec0dd760ccbb5e63fedcfb983a6
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2022 07:57:13 GMT
ETag: "2da05bc-1357b-5d6778cb9e263-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10906
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
researchdevelopers.com/wp-content/plugins/amwerk/css/amwerk.css?ver=5.9
184.168.118.234 200 OK 2 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/amwerk/css/amwerk.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/amwerk/css/amwerk.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 08:01:29 GMT
ETag: "2d40c4e-2-5c866be5a3378"
Accept-Ranges: bytes
Content-Length: 2
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.215.56.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m6NBdDbt+rDnhNV5pMNiSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FHJMHdQCVX9+pX2dXm2xgVXl8Eg=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
researchdevelopers.com/wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.1.3
184.168.118.234 200 OK 569 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.1.3
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 8089b828484e2269d5dcb1089c4004ba
9b61a0f5bf48ef08890dbae954ee9b5a90015d2c
35c1c8741af6e18aa88caca3d060e26808e1103a29b3ee0415ae3e3b648bcd09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.1.3 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d40d9d-6f0-5d63b2b11230f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 569
Keep-Alive: timeout=5
Content-Type: text/css
researchdevelopers.com/wp-content/plugins/bt_cost_calculator/style.min.css?ver=5.9
184.168.118.234 200 OK 6.2 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bt_cost_calculator/style.min.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (386), with CRLF line terminators
Hash 0d967593485a42ab1d3c3e68da9946e8
482b5ab2e7a80adb88080381bf613293e524f21b
c579276cf2d33193d879a46f8fd223c1074d930229d61498c4abc574c9733a09
GET /wp-content/plugins/bt_cost_calculator/style.min.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 31 Jul 2021 08:01:38 GMT
ETag: "2da12c6-9397-5c866bede7f67-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6215
Keep-Alive: timeout=5
Content-Type: text/css
researchdevelopers.com/wp-content/plugins/bold-timeline-lite/style.css?ver=5.9
184.168.118.234 200 OK 11 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-timeline-lite/style.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (380)
Hash 809209571dfd6dd771ed412ac962bd5f
76fdbce8184ecd37bc1de6db17bc371c8335275b
4717aa3bd77c74a9b722f3c25a9e662e2e4f633578b6964600ff4c9ef0f9a086
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-timeline-lite/style.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 31 Jul 2021 08:01:35 GMT
ETag: "2da117d-297cc-5c866bebe3599-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11372
Keep-Alive: timeout=5
Content-Type: text/css
researchdevelopers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4
184.168.118.234 200 OK 972 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.4 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 07:55:12 GMT
ETag: "2da128f-aab-5d5fed2705467-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
researchdevelopers.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.2.0
184.168.118.234 200 OK 3.4 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.2.0
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (12011), with no line terminators
Hash 5597576ce11073f4745b0db2bf29a0b6
3deace93a9a688f450b0bf575a7ae7647e79d453
16fbffc700d0012efca7424de1bea8a462fab84ec2b768604bebf3e1f1a44ffb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/creame-whatsapp-me/public/css/joinchat.min.css?ver=4.2.0 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Last-Modified: Tue, 18 Jan 2022 19:56:03 GMT
ETag: "2d4262a-2eeb-5d5e0a8b94b9a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3401
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
researchdevelopers.com/wp-content/themes/amwerk/framework/css/style.css?ver=5.9
184.168.118.234 200 OK 116 B URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/framework/css/style.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 9c8882e2641e64acc9a4173e5e4f452d
f34909a775901cf62f72dce3b7234654fba13985
c278e430eedc1d9649450aec219b8c42b90e38afdea3325e7aaf2b88b1bc6a87
GET /wp-content/themes/amwerk/framework/css/style.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da0fae-e2-5c866b7fc251b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 116
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
researchdevelopers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
184.168.118.234 200 OK 4.2 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
ETag: "2da0bc4-2bd8-5b45debe27b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169
Keep-Alive: timeout=5
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/amwerk/js/amwerk.js?ver=5.9
184.168.118.234 200 OK 2 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/amwerk/js/amwerk.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/amwerk/js/amwerk.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 08:01:29 GMT
ETag: "2d40c60-2-5c866be5a3760"
Accept-Ranges: bytes
Content-Length: 2
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.1.3
184.168.118.234 200 OK 7.3 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.1.3
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (20087)
Hash efa6db60af1529649bd3b95c4220e9ba
4b6b8cd07ee784e67c7702c147e0c80e0bb3bd90
5723d10c2697c434b25b904f2fcec179ad231ccaebc4c77daa7732c7949a1e99
GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.1.3 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d40319-4ef8-5d63b2b0ec1ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7346
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.1.3
184.168.118.234 200 OK 10 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.1.3
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (42862)
Hash a200e519b47aabb15179d3d44b42a20d
40f67edd6550052b130507ed1a56650c6bdb798f
ea316b7198f70a2c53e9f534e6c2b9f6e570e4a7369d5c0508cd38de275717db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.1.3 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d40db2-a76f-5d63b2b1126f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10442
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
184.168.118.234 200 OK 31 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
ETag: "2da0bcc-15db1-5bd3006388300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.1.3
184.168.118.234 200 OK 6.3 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.1.3
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 8ad09a96691fc656edf3a251c259deeb
698eb0d813f5ddb05527bd787f2702f6bd7fc0d3
77cb07aa571a9994a520a9f05b5489dd7d22a89ad35116c9d4bfa2ac01487536
GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.1.3 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d40316-649a-5d63b2b0ec1ac-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6320
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.1.3
184.168.118.234 200 OK 65 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.1.3
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (375)
Hash 2ea0b50e86f17619b49cd8dbc667d6a0
271652e58d12cdf04243faae017884e2923e5b8e
7a4f67c7eae924d1680c326a1997225aa211251bd96d7b4ed4b042924c203d63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.1.3 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d4035b-13effb-5d63b2b111757-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 65068
Keep-Alive: timeout=5
Content-Type: text/css
researchdevelopers.com/wp-content/plugins/bold-timeline-lite/assets/js/bold-timeline.js?ver=5.9
184.168.118.234 200 OK 1.9 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-timeline-lite/assets/js/bold-timeline.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (309), with CRLF line terminators
Hash dbb22bb53f63ceaba111a0910e6f3739
3f77a10dd66df6b3a811ab10d465406227c6e241
b15c49925c28f937cb1570da4fe4fc742bfae85c854dd18be9f801e29dcfb6b2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-timeline-lite/assets/js/bold-timeline.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 08:01:35 GMT
ETag: "2da1198-1c3e-5c866bebe3d69-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1860
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=5.9
184.168.118.234 200 OK 12 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (440), with CRLF line terminators
Hash e6be4490165d035ed8535d7e7a325f6a
b9e44bacd452733bafc9244a5f7a4c7209e45772
de04c76b8b47c4feb2bc97df41d21fa9180593287cbc100b4c5cece72ace9085
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 08:01:38 GMT
ETag: "2da135c-cb50-5c866bedea677-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11604
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bt_cost_calculator/cc.main.js?ver=5.9
184.168.118.234 200 OK 5.8 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bt_cost_calculator/cc.main.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (429)
Hash d4f5c1cffe4d8422f3a2273c84a846b5
b848b2e16fc64cee7b8be47612acb7bdef598217
68fdb1050030fb474f5fb57f3d828ddd40176fad10f81ab87a69224e31aa3353
GET /wp-content/plugins/bt_cost_calculator/cc.main.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 08:01:38 GMT
ETag: "2da12c9-8016-5c866bede7f67-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5763
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/uploads/2021/07/logo.png
184.168.118.234 200 OK 21 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2021/07/logo.png
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 845 x 322, 8-bit/color RGBA, non-interlaced\012- data
Hash 589fe28a532ed2950bde4eb1577649fa
854ba557e842df3b5f00fbb21ca40edf90cc0228
5875c633973ba3872631bfe10d1af699dc39fb23c7f482c209c26197e61535da
GET /wp-content/uploads/2021/07/logo.png HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 10:02:56 GMT
etag: "2760a41-522c-5c86870b7ec8d"
accept-ranges: bytes
content-length: 21036
content-type: image/png
date: Sun, 27 Nov 2022 10:59:05 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/plugins/amwerk/shortcodes/back_to_top/css/back_to_top.css?ver=5.9
184.168.118.234 200 OK 346 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/amwerk/shortcodes/back_to_top/css/back_to_top.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 8b9f1c9f79fdd660f456fd4589dbcfa4
c3c925e4a16ab234c6d85c6ff0f4a38bb88e4955
a1570bcea3c0a76aff4449acd16a0dcd0dbb8c59f42c2ffc34ade3c65671072d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/amwerk/shortcodes/back_to_top/css/back_to_top.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 08:01:29 GMT
ETag: "2d40c5b-288-5c866be5a3760-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 346
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16361
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 10:59:05 GMT
Connection: keep-alive
researchdevelopers.com/wp-includes/js/comment-reply.min.js?ver=5.9
184.168.118.234 200 OK 1.3 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/comment-reply.min.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2944)
Hash d25cda0d687e9ddfe3f4bc93881c4a74
ce174f3dcc4b5cc45bf0b3bd4ef89058f38ae2aa
42fcfaacfb93689c77bdef10f1bc9f16c4cca896c746081229d6d0552bbbd3f5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2022 07:57:14 GMT
ETag: "2da0a98-ba3-5d6778cc680ed-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1345
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16361
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 10:59:05 GMT
Connection: keep-alive
researchdevelopers.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
184.168.118.234 200 OK 2.4 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6494), with no line terminators
Hash c16f2821df385b57b616cb7c867e1253
6327ed04bc2d7c294db8358cdf8b06ff62c3eb13
ff1c71b966df6e007b9175772a52be12d7dd9b65aafcb78a55046f60e792ae42
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2022 07:57:14 GMT
ETag: "2da0aaa-195e-5d6778cc68ca5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2422
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16361
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 10:59:05 GMT
Connection: keep-alive
researchdevelopers.com/wp-content/themes/amwerk/style.css?ver=5.9
184.168.118.234 200 OK 101 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/style.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 (with BOM) text, with very long lines (449)
Size 101 kB (100917 bytes)
Hash bf3ca6fd5a2794a2fb4a5916eb07f4e2
2a81d4e989f23d0081e23bdf431ddaf4bca035af
f6d163e9244fe7d695098b3a226a7ad43a659f2e7c44c8fd18ba46eb45660de1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/style.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:04 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:41 GMT
ETag: "2da0f3c-1021f9-5c866b7efe839-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 47244
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:52:26 GMT
age: 47199
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Assistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
142.250.74.10 200 OK 9.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Assistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
IP 142.250.74.10:0
Hash 384de3eb3e645544297a2b8652c6731c
b91f255131b93a510964e91ef320f59b23838251
eea602fbdee34706df46b1785f5c8fbec57540a7d66509ed2c484f555cb35b2c
GET /css?family=Assistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAssistant%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 10:59:04 GMT
date: Sun, 27 Nov 2022 10:59:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 47244
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 47248
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 116eb5028a206e55f758f3e34887c87e
10577d9fc19028a0e0303634ec16ad8b2d41fa7a
d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQEJS9-L2M6WJ5nqH7C7MqIv96GDNUexqw60hbX_3z8wxv8bp0ARwQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 17:52:17 GMT
age: 61608
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
researchdevelopers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
184.168.118.234 200 OK 7.0 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash 3d97cdcc7f05c2b5782d39b135850bc3
d4427472e22221d71413745415a7b1e959da28f3
3b9a4010e3156a9143b38a24e91a5b34d898b1eeab165f49cda8c16212a968f7
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2022 07:57:14 GMT
ETag: "2da0ab3-4b3d-5d6778cc68ca5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7013
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
184.168.118.234 200 OK 3.3 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 4ac0d5ab8d83806d59c4e1f7bf0a855a
81153a2f5e3a21febe9ede53c9f0073da3e14829
605fd4e7f4d3fbb5505bb81e3f72c685b6ef411c27cde2f7bab2787c3d870b10
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Thu, 20 Jan 2022 07:55:12 GMT
ETag: "3540b31-25f8-5d5fed270584f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3286
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
researchdevelopers.com/wp-content/themes/amwerk/framework/js/fancySelect.js?ver=5.9
184.168.118.234 200 OK 1.7 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/framework/js/fancySelect.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash c375fdf7b3307b0ca43debaa1c08d556
34ed1b1a6217c9fdd9681b87e56cca97a2287c02
113778a0923e84c1b870ebeeb60ceae9b5d777d51227816a10bd7dc4b1f9c8e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/framework/js/fancySelect.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da0fbf-1b37-5c866b7fc2903-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1721
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2
216.58.207.195 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20608, version 1.0\012- data
Hash 56573cfb638f35b191c36b5ad69a55e8
61b97f2670054092c49209678a2dd11d4d12a709
36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026
GET /s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://researchdevelopers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 23:55:52 GMT
expires: Sat, 25 Nov 2023 23:55:52 GMT
cache-control: public, max-age=31536000
age: 126193
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
researchdevelopers.com/wp-content/themes/amwerk/framework/js/header.misc.js?ver=5.9
184.168.118.234 200 OK 2.8 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/framework/js/header.misc.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 868dbfc04f782980a78bbf21cb51eff3
3fba3a614182e4c16abb4f92c7efe2aba0a49add
b1bbd9599fde17e5156a27f37cc7e4692cb0d1ca0b758ae1b43445ca6446c00b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/framework/js/header.misc.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da0fbd-2ca1-5c866b7fc2903-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2764
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/themes/amwerk/framework/js/misc.js?ver=5.9
184.168.118.234 200 OK 1.7 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/framework/js/misc.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 84dba3d079f8a3eb6542824131d1164a
99d1666dabfdf6486f45f78be6c207fa90ff17d4
c0cdd54f543d9dfa836fba28a203bd9bdd38277ed5d912ba167cd594db8e89ee
GET /wp-content/themes/amwerk/framework/js/misc.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da0fbc-13e4-5c866b7fc2903-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1701
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:59:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
researchdevelopers.com/wp-content/themes/amwerk/js/amwerk.js?ver=5.9
184.168.118.234 200 OK 269 B URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/js/amwerk.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 970e92c09da8eb4bec1a9faf67b50a97
9d7b5a491397182a36bd6e01bb6dd7d2b1c23358
2448bf5f4f0a942af08e5c88e3bc65c1a23699205ad16b710dd1abb75b703d83
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/js/amwerk.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da0fce-2b6-5c866b7fc30d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 269
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/themes/amwerk/framework/js/framework_misc.js?ver=5.9
184.168.118.234 200 OK 166 B URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/framework/js/framework_misc.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 59dbb1afa5c47b65377c1a7d046f5977
209c4b74b339a08f4e88d69ada9781ec35be8a63
282608d5ecbf11cbf72eef526082482b96d3964ece18cb7d11523f60225eb292
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/framework/js/framework_misc.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da0fbe-ec-5c866b7fc2903-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 166
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.2.0
184.168.118.234 200 OK 2.3 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.2.0
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6567), with no line terminators
Hash 5a68d93bd5e9f92b948fc3570c2a88aa
81f4fb1c051e13bf6607ddf602a3885a439da736
512df6875aaff431a22a26247cb0f61141675f9da793ff6c80b7e52ec5c32704
GET /wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.2.0 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Last-Modified: Tue, 18 Jan 2022 19:56:03 GMT
ETag: "3500c6e-19a7-5d5e0a8b94b9a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2295
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/themes/amwerk/print.css?ver=5.9
184.168.118.234 200 OK 1.1 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/print.css?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash e9489f855631b00b86c13163b1e93224
3b21de16803594deecf551fcc49a0fff316e8d67
f33ee23a21eafe48d2914d5c6f87699f7c1d96fc4e17d862007d4ffd34f9ab8a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/print.css?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:05 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da0fcc-1148-5c866b7fc30d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1145
Keep-Alive: timeout=5
Content-Type: text/css
researchdevelopers.com/wp-includes/js/masonry.min.js?ver=4.2.2
184.168.118.234 200 OK 7.4 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (23966)
Hash d56e5016a4d65d6d654add02bee3f792
9238046ef54c80e04b940f86683ea33cf44d40c1
6f1a28f0ef5ad427f7d99aecc29db61d8eb25190d5eb5e539c524c916d1442f9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
ETag: "2da0c63-5e4a-5a7fbb57c37c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7382
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
184.168.118.234 200 OK 1.8 kB URL HTTP/1.1 researchdevelopers.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
ETag: "2da0c2b-15fd-5a7fbb57c37c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1834
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements/bt_bb_masonry_image_grid/bt_bb_masonry_image_grid.js?ver=4.1.3
184.168.118.234 200 OK 829 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements/bt_bb_masonry_image_grid/bt_bb_masonry_image_grid.js?ver=4.1.3
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 01edb9b32219018591022e0ca8356042
7d5ddd8e12746c31b63043e6d9e5c61eb07324e2
ca158c199bf35f864620756dd0dd46497871f5a2940007de408bf7ddda37f7a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/content_elements/bt_bb_masonry_image_grid/bt_bb_masonry_image_grid.js?ver=4.1.3 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d414e5-a5e-5d63b2b114e07-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 829
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
184.168.118.234 200 OK 716 B URL HTTP/1.1 researchdevelopers.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1626)
Hash 9d85e1af0990cd88aded996881127353
f066c0f6aa1dabade0eebe90d1e65b5f38347988
ea398ed80ebce514f813d21421b487d8683d471dc0f923f67da1b59e09e29902
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2016 18:55:30 GMT
ETag: "2da0bc5-71b-53a5d2030ec80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 716
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements/bt_bb_section/bt_bb_elements.js?ver=5.9
184.168.118.234 200 OK 687 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/content_elements/bt_bb_section/bt_bb_elements.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 5eda8af49ec348f53aa2634f398db9bb
b1f6a4448e9bab26508f7c9094dee802cc1eae71
171dc81c1ee8d46e3dbf44597ffb18158a95b1d98cafdddc645aeb9ac613cc5a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/content_elements/bt_bb_section/bt_bb_elements.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d41504-60d-5d63b2b1151ef-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 687
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/amwerk/shortcodes/back_to_top/js/back_to_top.js?ver=5.9
184.168.118.234 200 OK 355 B URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/amwerk/shortcodes/back_to_top/js/back_to_top.js?ver=5.9
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash f73b6680bb713f18a95dfdfcca0d9f0d
cd7b186fe87f5ba7a62674079bf1257e438ee89a
924b85c18785b83abbb7840abf8f82ab694bf5c4edd94187ce2105252681c6db
GET /wp-content/plugins/amwerk/shortcodes/back_to_top/js/back_to_top.js?ver=5.9 HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 08:01:29 GMT
ETag: "2d40c5d-4aa-5c866be5a3760-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 355
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
researchdevelopers.com/wp-content/plugins/bold-page-builder/img/blank.gif
184.168.118.234 200 OK 1.1 kB URL HTTP/1.1 researchdevelopers.com/wp-content/plugins/bold-page-builder/img/blank.gif
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6b4bcedd71e8f0eeda27a48ff9147d1a
f39382fc0c3aaa173fc29c0b82dd733c3e9517e0
73a68348f3b0ab872434da99eebeaa0d477d2571fb81c1961292b0335f242e10
GET /wp-content/plugins/bold-page-builder/img/blank.gif HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sun, 23 Jan 2022 07:54:57 GMT
ETag: "2d400b9-447-5d63b2b0ebdc4"
Accept-Ranges: bytes
Content-Length: 1095
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
researchdevelopers.com/wp-content/uploads/2020/10/post_15-160x160.jpg
184.168.118.234 200 OK 7.5 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_15-160x160.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 160x160, components 3\012- data
Hash 1caabb937d00d1311cf1c8c7922ffddc
aa05decc1f4a3d564e0fe3146313f9d015409dda
6b468166653af7a05d6a0a61b0a5c0ffc5d209995e4f340b02fb711bce2703c8
GET /wp-content/uploads/2020/10/post_15-160x160.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:15:30 GMT
etag: "2780fa9-1d7b-5c866f07e4105"
accept-ranges: bytes
content-length: 7547
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:06 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/uploads/2020/10/post_24-160x160.jpg
184.168.118.234 200 OK 8.1 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_24-160x160.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 160x160, components 3\012- data
Hash 497716bee1b576d833fa9887d9e532c1
dd1b6d7bb9d862ee47e59a426d2672cf133464b0
406f966ee2c53f78a92cf110424098acafc46e6da527dfa25fdeed4cbfc30bfe
GET /wp-content/uploads/2020/10/post_24-160x160.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:16:17 GMT
etag: "2781024-1fa4-5c866f343c1ef"
accept-ranges: bytes
content-length: 8100
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:06 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/themes/amwerk/fonts/FontAwesome/FontAwesome.woff
184.168.118.234 200 OK 98 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/fonts/FontAwesome/FontAwesome.woff
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 98024, version 4.7\012- data
Hash fee66e712a8a08eef5805a46892932ad
28b782240b3e76db824e12c02754a9731a167527
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/fonts/FontAwesome/FontAwesome.woff HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da1012-17ee8-5c866b802244b"
Accept-Ranges: bytes
Content-Length: 98024
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
researchdevelopers.com/wp-content/uploads/2020/10/post_16.jpg
184.168.118.234 200 OK 164 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_16.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 2500x1667, components 3\012- data
Size 164 kB (164107 bytes)
Hash 5bd53898c5a8a6e70a8bb358df83db4b
48bf44eba177341d138a8540af29ab8054b6c719
d7c584afff27768dc4061c552d15edb24f3f6c72705ba133f157983bf71dc124
GET /wp-content/uploads/2020/10/post_16.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:15:36 GMT
etag: "2780fb8-2810b-5c866f0d98ca1"
accept-ranges: bytes
content-length: 164107
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:06 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/themes/amwerk/fonts/FontAwesome5Brands/FontAwesome5Brands.woff
184.168.118.234 200 OK 91 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/fonts/FontAwesome5Brands/FontAwesome5Brands.woff
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 90672, version 331.17301\012- data
Hash dc0bd022735ed218df547742a1b2f172
fddb95d7a0f48d2bf90a5ee3095e8264dca18053
e01029f3278fc6270cd31a5fe753cbda694fbb777ee30e8f6a13909087178988
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/fonts/FontAwesome5Brands/FontAwesome5Brands.woff HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:42 GMT
ETag: "2da1031-16230-5c866b80237d3"
Accept-Ranges: bytes
Content-Length: 90672
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
researchdevelopers.com/wp-content/uploads/2021/08/cropped-favion-1-192x192.png
184.168.118.234 200 OK 9.5 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2021/08/cropped-favion-1-192x192.png
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c7a2e38d32518ac79f911f4e0ffa73c1
82477cc7244a66522328969be652c785b3a0f41b
e6817cd93bd91fd2d6229aba3da38ef1ae6017f65803c822e33a896ca09d5ba5
GET /wp-content/uploads/2021/08/cropped-favion-1-192x192.png HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Aug 2021 07:23:56 GMT
etag: "2c818d2-250a-5c943804e3438"
accept-ranges: bytes
content-length: 9482
content-type: image/png
date: Sun, 27 Nov 2022 10:59:07 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/uploads/2021/08/cropped-favion-1-32x32.png
184.168.118.234 200 OK 1.1 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2021/08/cropped-favion-1-32x32.png
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash cd44a78369ff3db0624b7090c930f1ce
8823bcf934156f1ac47d8b5e38173fe2869b3712
5468eecaf85a31443189493389b54ec00f4ca7abeb644e9fe3e7ceed7e9e0874
GET /wp-content/uploads/2021/08/cropped-favion-1-32x32.png HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Aug 2021 07:23:56 GMT
etag: "2c818d4-432-5c943804ed461"
accept-ranges: bytes
content-length: 1074
content-type: image/png
date: Sun, 27 Nov 2022 10:59:07 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/themes/amwerk/fonts/FontAwesome5Solid/FontAwesome5Solid.woff
184.168.118.234 200 OK 104 kB URL HTTP/1.1 researchdevelopers.com/wp-content/themes/amwerk/fonts/FontAwesome5Solid/FontAwesome5Solid.woff
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 104004, version 331.17301\012- data
Size 104 kB (104004 bytes)
Hash ee09ad7553b8ad3d81150d609d5341a0
f13e252f8a51a5279fd21e26ada0bd2f55bcefd8
c704d9e677b72859d29ddd73a2a63e3b15b5a4db903cff64b3c29a059e180871
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/amwerk/fonts/FontAwesome5Solid/FontAwesome5Solid.woff HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://researchdevelopers.com/portfolio/a-broader-perspective/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
Last-Modified: Sat, 31 Jul 2021 07:59:43 GMT
ETag: "2da104f-19644-5c866b8083ed4"
Accept-Ranges: bytes
Content-Length: 104004
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
researchdevelopers.com/wp-content/uploads/2020/10/post_16-1280x854.jpg
184.168.118.234 200 OK 122 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_16-1280x854.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 1280x854, components 3\012- data
Size 122 kB (122400 bytes)
Hash 281e095661c055d03603105c6c77eaa3
fea7adf1f661f7ad0774bed2dba11dd120a7baff
ecdb68d3637ae09c1c852b158b8af5e634018e9a9e1820e88946977ff3abb6f9
GET /wp-content/uploads/2020/10/post_16-1280x854.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:15:37 GMT
etag: "2780fba-1de20-5c866f0e3299f"
accept-ranges: bytes
content-length: 122400
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:07 GMT
server: Apache
X-Firefox-Spdy: h2
technologyshapers.com/researchdevelopers/wp-content/uploads/2021/08/img3.jpg
184.168.118.234 200 OK 124 kB URL HTTP/1.1 technologyshapers.com/researchdevelopers/wp-content/uploads/2021/08/img3.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Size 124 kB (123495 bytes)
Hash aacba0d526a1386dbdd1bb6eb2fa7ba1
de647fff4b258a4ae15a94673b181bcfbc15e21f
43c242fc978bbdff61bda257b214e4942162f7bb79d1e2f9935034bfd5677258
GET /researchdevelopers/wp-content/uploads/2021/08/img3.jpg HTTP/1.1
Host: technologyshapers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://researchdevelopers.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 10:59:06 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6611
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
researchdevelopers.com/wp-content/uploads/2020/10/post_04-1280x854.jpg
184.168.118.234 200 OK 159 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_04-1280x854.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 1280x854, components 3\012- data
Size 159 kB (159033 bytes)
Hash 3c34ea0c3385a693dcc0ece3da6ab9a0
8274a5cc8824a18af5cddd3201297bd8921b004f
354fff3edfa1e73d46a854e187f7b5d71790d2d1eb3e62530651da6782ea4ffe
GET /wp-content/uploads/2020/10/post_04-1280x854.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:17:01 GMT
etag: "278108c-26d39-5c866f5e5824e"
accept-ranges: bytes
content-length: 159033
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:08 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/uploads/2020/10/post_20-1280x854.jpg
184.168.118.234 200 OK 137 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_20-1280x854.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 1280x854, components 3\012- data
Size 137 kB (137430 bytes)
Hash 95bf088947e87bf7cb3503346cf68564
70a35b3719da70906e9a76204b2f39aed8d163f9
2a520d73b7d0a15a74fd82cb6bf517d46607cb4b182b5f9b3fee7a5afc85d8b1
GET /wp-content/uploads/2020/10/post_20-1280x854.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:15:59 GMT
etag: "2780ff6-218d6-5c866f23c761a"
accept-ranges: bytes
content-length: 137430
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:08 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/uploads/2020/10/post_29-1280x854.jpg
184.168.118.234 200 OK 162 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_29-1280x854.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 1280x854, components 3\012- data
Size 162 kB (161956 bytes)
Hash 7dc5aa59451dc85071f834d2b20f6f34
079536be6f8e32d149d82d8c425fa7ab788c6cef
bf46e4a2ebfd55d1f06dd9555bc36a06f062a109bf274a1647c23bddca8d24fe
GET /wp-content/uploads/2020/10/post_29-1280x854.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:16:46 GMT
etag: "278106e-278a4-5c866f502a6ce"
accept-ranges: bytes
content-length: 161956
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:08 GMT
server: Apache
X-Firefox-Spdy: h2
researchdevelopers.com/wp-content/uploads/2020/10/post_12-1280x854.jpg
184.168.118.234 200 OK 170 kB URL HTTP/2 researchdevelopers.com/wp-content/uploads/2020/10/post_12-1280x854.jpg
IP 184.168.118.234:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 1280x854, components 3\012- data
Size 170 kB (170437 bytes)
Hash aa633edec48abe50cd77a596203dee3a
afec7ca73291ae01bce9d5470895d7f6d27f3c0a
55e29b4ec305401ae53a8c2a7f34898b2a569642139da6f74bac7f03b766f780
GET /wp-content/uploads/2020/10/post_12-1280x854.jpg HTTP/1.1
Host: researchdevelopers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://researchdevelopers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 31 Jul 2021 08:15:13 GMT
etag: "2780f7b-299c5-5c866ef72902a"
accept-ranges: bytes
content-length: 170437
content-type: image/jpeg
date: Sun, 27 Nov 2022 10:59:08 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: b03f4d3b-b144-4466-ab11-96c8201d75a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Je2G_NIAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b22c5-5ef5e11a198cd8202372d8da;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:03:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Eeu-CbRcm2Zv8ZVXNO3vhUt2shbKNQZ1YqsxCMk96twd7zL_rceGYg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:05:31 GMT
age: 46421
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2