firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash MD5 91dd975a7b17b2922dd23c0e49314e40
SHA-1 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
SHA-256 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 19:05:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rDHTGn2FINPeGRsN0F38M7ds1PIf0vDh2pEvhhvgAvdbpvCFHT04SA==
Age: 3182
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 f55e483f32b3fd50b1a2414aaada9b61
SHA-1 9d6b22edb98866e002e3b1ace44dfb0f8d00935f
SHA-256 4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14818
Expires: Sat, 10 Sep 2022 00:05:55 GMT
Date: Fri, 09 Sep 2022 19:58:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate; ASCII text
Hash MD5 742edb4038f38bc533514982f3d2e861
SHA-1 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
SHA-256 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IPe9-06l4GuTKqinVMCH_ZB7r3OK5l5-lQXJFHSZkz-OCJqPNUCTcw==
age: 58343
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:58:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 19:56:07 GMT
Expires: Fri, 09 Sep 2022 20:52:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1NjrDs0a3gQvW4S0Vr0rLpFThC9IDNj8UOM8j6B2ysC1kAEzKQoVsA==
Age: 170
lrdgon.org/l7r96tjAJ/MyYYFB8/BgEuIANyGHgkPAMsGDcYQ3p1fWV7fXRhenh+Yn1/
166.62.10.141 302 Moved Temporarily 0 B URL HTTP/1.1 lrdgon.org/l7r96tjAJ/MyYYFB8/BgEuIANyGHgkPAMsGDcYQ3p1fWV7fXRhenh+Yn1/
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash MD5 d41d8cd98f00b204e9800998ecf8427e (0 B body: these are the empty-input digests)
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware — the response body is empty, so this verdict cannot rest on response content; it must come from the request URL/host (lrdgon.org and the opaque path) and should be confirmed against the analyzer detail before the empty-file hashes above are used as indicators.
GET /l7r96tjAJ/MyYYFB8/BgEuIANyGHgkPAMsGDcYQ3p1fWV7fXRhenh+Yn1/ HTTP/1.1
Host: lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Fri, 09 Sep 2022 19:58:57 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html;charset=utf-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash MD5 d0c56e0b2955a5dd7f37ba4bbf5727b4
SHA-1 f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
SHA-256 99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3080
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:58:57 GMT
Last-Modified: Fri, 09 Sep 2022 19:07:37 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.238.3.246 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e (0 B body on a WebSocket upgrade: these are the empty-input digests)
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WFjbuMp2IlUvsz1BIlEQ7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: duo+q1emn0FRXmrGgTaukQL2jKc=
www.lrdgon.org/wp-signup.php?new=lrdgon.org
166.62.10.141 200 OK 16 kB URL HTTP/1.1 www.lrdgon.org/wp-signup.php?new=lrdgon.org
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, exported SGML document, Unicode text, UTF-8 text, with very long lines (1743), with CRLF, LF line terminators
Hash MD5 36af3cf42b8f4a0d9190b648244ba2e7
SHA-1 441acf05dd06c2a8259685d3224407bdc6a9395b
SHA-256 fc73b369e307013f986fdd514da02fa61633b1908a039dce368ea19eee0d4d7b
Analyzer Verdict Alert fortinet Malware — independent of the vendor verdict, the captured headers show the page served over plaintext HTTP (http:// in the preceding Location header and in the follow-on Referer values), a PHPSESSID cookie set without Secure or HttpOnly attributes, and runtime version disclosure via X-Powered-By: PHP/7.3.33.
GET /wp-signup.php?new=lrdgon.org HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:58 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16260
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Roboto%3A300%2C400%7COpen+Sans%3A300italic%2C400%2C600%7CMontserrat%3A400%7CRaleway%3A400%7CCrimson+Text%3A400Italic%7CLato%3A700&subset=latin&ver=1505974706
142.250.74.10 200 OK 1.3 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto%3A300%2C400%7COpen+Sans%3A300italic%2C400%2C600%7CMontserrat%3A400%7CRaleway%3A400%7CCrimson+Text%3A400Italic%7CLato%3A700&subset=latin&ver=1505974706
IP 142.250.74.10:0
Hash MD5 36d8d273277dc299f0a666e37a207d35
SHA-1 41e2f0bc98ee83595c0f6f7a4dcdc422d40b3570
SHA-256 54127354005f9b2d9cdadf3d9f55aa67da412b6014e3811fa2089416fcc1eaef
GET /css?family=Roboto%3A300%2C400%7COpen+Sans%3A300italic%2C400%2C600%7CMontserrat%3A400%7CRaleway%3A400%7CCrimson+Text%3A400Italic%7CLato%3A700&subset=latin&ver=1505974706 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Sep 2022 19:58:58 GMT
Date: Fri, 09 Sep 2022 19:58:58 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y-toolbar.css?ver=4.7.4
166.62.10.141 200 OK 351 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y-toolbar.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash MD5 42f6320295497b4ab2bbb7f962cdf59b
SHA-1 5515f554e36eb50ea508a66ba041ba3389061bb4
SHA-256 a99a9abfec909a216bbab3d13dc3b190de2633705dead57c422e424fd0c1140f
Analyzer Verdict Alert fortinet Malware — a CSS asset from the already-flagged host; sibling stylesheets from www.lrdgon.org in this capture carry no verdict, so this most plausibly reflects host/URL reputation rather than this file's content. Confirm against the analyzer detail before treating the hashes above as indicators.
GET /wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y-toolbar.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Tue, 27 Nov 2018 07:37:30 GMT
ETag: "b38162f-30a-57ba0859a0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 351
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=4.7.4
166.62.10.141 200 OK 829 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash MD5 01cc641da4169c6501efa5bc66a07962
SHA-1 f2fd37888dcc7f4efe02af0860308e7546cf4a2d
SHA-256 c3351780e4f5819a7827c4ca1b25014f4de0746fc45d36ac1b3c7c9b589905ff
GET /wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Nov 2018 07:37:30 GMT
ETag: "b3815ff-a30-57ba0859a0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 829
Keep-Alive: timeout=5
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/css/a11y-fontsize.css?ver=4.7.4
166.62.10.141 200 OK 246 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/css/a11y-fontsize.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (322)
Hash MD5 ef892e506742cc90c11e8c89640aedfc
SHA-1 2059894e1b892d21237d75dedf7d9187ed4876e3
SHA-256 b6a468b52fb3eabe4ec128bcfa6f522e3b7c71f7d35c4918b915305de9306690
GET /wp-content/plugins/wp-accessibility/toolbar/css/a11y-fontsize.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Nov 2018 07:37:30 GMT
ETag: "b381624-22d-57ba0859a0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=5
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/css/a11y.css?ver=4.7.4
166.62.10.141 200 OK 1.2 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/css/a11y.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash MD5 a18d1b85e0e9f1a1dd61aadb3a59ff25
SHA-1 4e11711d3ed7da4af65d305f538db0249f6b4543
SHA-256 94399c753efa6519c83ff223bfd6287779679f0a79de45a23511eefa9ae23f33
GET /wp-content/plugins/wp-accessibility/toolbar/css/a11y.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Nov 2018 07:37:30 GMT
ETag: "b381625-f7c-57ba0859a0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1162
Keep-Alive: timeout=5
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/oshine-modules/public/css/be-slider.css?ver=4.7.4
166.62.10.141 200 OK 4.9 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/oshine-modules/public/css/be-slider.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash MD5 95d2301d2ff7508a241c43641efbe893
SHA-1 2e5b05d2e2a2ac8c983ff4fb49f093ae864a24f3
SHA-256 eb5243a78eccf53934e4ee6f603b7af42bfa286b0954dd2f929cfc053e76d5ed
Analyzer Verdict Alert fortinet Malware — a CSS asset from the already-flagged host; sibling stylesheets from www.lrdgon.org in this capture carry no verdict, so this most plausibly reflects host/URL reputation rather than this file's content. Confirm against the analyzer detail before treating the hashes above as indicators.
GET /wp-content/plugins/oshine-modules/public/css/be-slider.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Tue, 17 Oct 2017 05:02:03 GMT
ETag: "b460b60-d104-55bb7061908c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4914
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=4.7.4
166.62.10.141 200 OK 22 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (378)
Hash MD5 eb24f50f87137e987add43f00b5468d2
SHA-1 dd6a15dede712161ddcea2d18d546f2b8a701bf2
SHA-256 d9720dcd67ac0475c36ede753ccc6a283e344710d19220905b420b6820b6429c
Analyzer Verdict Alert fortinet Malware — a CSS asset from the already-flagged host; sibling stylesheets from www.lrdgon.org in this capture carry no verdict, so this most plausibly reflects host/URL reputation rather than this file's content. Confirm against the analyzer detail before treating the hashes above as indicators.
GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 12 May 2017 09:40:57 GMT
ETag: "b4609f0-297d1-54f5080985c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22024
Keep-Alive: timeout=5
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/download-manager/assets/css/front.css?ver=4.7.4
166.62.10.141 200 OK 8.2 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/download-manager/assets/css/front.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (774)
Hash MD5 ca72862509355539be77ba6475782a90
SHA-1 ab16144a064e132c0b07286ed077ed2ed36f8715
SHA-256 9a234ec685313d2cc8aca7690cebc9d73008070554a24854c9d9eed04d0e4096
GET /wp-content/plugins/download-manager/assets/css/front.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 12 May 2017 09:40:57 GMT
ETag: "b46096a-a7d7-54f5080985c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8229
Keep-Alive: timeout=5
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/oshine-modules/public/css/oshine-modules.css?ver=1.0.0
166.62.10.141 200 OK 21 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/oshine-modules/public/css/oshine-modules.css?ver=1.0.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (320)
Hash MD5 2a2651e31f8c3eab9af38a23d5153f40
SHA-1 add0156454651354a0a015d3474980f943e53117
SHA-256 c01c01b84c780d7727bd7707c1ce97e507decf8bc35856f8c41e9cbaa0d29b61
Analyzer Verdict Alert fortinet Malware — a CSS asset from the already-flagged host; sibling stylesheets from www.lrdgon.org in this capture carry no verdict, so this most plausibly reflects host/URL reputation rather than this file's content. Confirm against the analyzer detail before treating the hashes above as indicators.
GET /wp-content/plugins/oshine-modules/public/css/oshine-modules.css?ver=1.0.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Tue, 17 Oct 2017 05:02:03 GMT
ETag: "b460b61-1f812-55bb7061908c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21326
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 e0fbe5627b19e9ad7ad4d40c96514ae9
SHA-1 d9d361271987c5947d96ddacc67efb3f3a32bbd3
SHA-256 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10134
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:58:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 e0fbe5627b19e9ad7ad4d40c96514ae9
SHA-1 d9d361271987c5947d96ddacc67efb3f3a32bbd3
SHA-256 48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10134
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:58:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 7afe346e3b24ea4388913b449d1ffc42
SHA-1 f5348ba99fb8966dded580409108316f4e4e1237
SHA-256 1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: e7ec7e84-0924-4f5f-b289-4c750ea99567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHHnNIAMFlrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-49565105361ec7f76cb818e0;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DvCs6zEt1p58iwZaXfuF9YFA-fieE5Y974E07YMNYPiaGbR5iuXK-A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 79988
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76 200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 0078c7a407144a1ede33aef6f734eecf
SHA-1 113393e0dbabb3aff949d19ab6517ba1082b622d
SHA-256 42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 55565
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 c9590b525c8b07a297c8784f02b161a1
SHA-1 cec8428d159a5bde29e89c64cfb04146f759d52b
SHA-256 d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 78824
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash MD5 15249f3dafdd1690bc87ebb4fa6d518d
SHA-1 f930fcb22325e28592bc39b0b1974f5197c19afd
SHA-256 a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:59 GMT
age: 78960
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10134
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:58:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 75841
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10134
Expires: Fri, 09 Sep 2022 22:47:53 GMT
Date: Fri, 09 Sep 2022 19:58:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25f5b03125ec15193e9dc0970050c2c5
712d9774b838f4d0ade26b674e8d038295cf3a6b
858d64da226534e5a96cb11fedeee1d1d55c0ac9e54a1f98d10e29be0d39eca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8b5268-2aac-4f24-b390-b0e7248d123e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16161
x-amzn-requestid: 041df785-47cb-476f-9c22-d1f776c34bdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThG4uoAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-66d92cab4181c30f66fe59c3;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WB79ZqWSIlt3JU8KdLx7tROSorUqBoLEB7wdLSDotNfYOfz53wEB7w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:53:13 GMT
age: 79546
etag: "712d9774b838f4d0ade26b674e8d038295cf3a6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.lrdgon.org/wp-content/plugins/responsivevoice-text-to-speech/includes/css/responsivevoice.css?ver=4.7.4
166.62.10.141200 OK 187 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/responsivevoice-text-to-speech/includes/css/responsivevoice.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 6d0bbf0aee22db8bfeba53bde550cb40
cb0117ea6bdad9df7f997852a4e60baa68156326
f18dcfe6c096e7031be24a2cedaa8f9ea9291ad2f3e36212063aa4383ce75fba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/responsivevoice-text-to-speech/includes/css/responsivevoice.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Tue, 27 Nov 2018 08:05:11 GMT
ETag: "b460d36-12a-57ba0e89adbc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 187
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5
166.62.10.141200 OK 7.0 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (29256), with CRLF line terminators
Hash 606eced6351f068f91f98f4a59fee316
ecfe7f6c053c50f5c8b7ed6b151462e521d4fd85
c41871327c0d7f2aaaa552ef7503850a0d330201cd764e1b7c769521c5733876
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1.5 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:43 GMT
ETag: "b461446-73bd-54dae61bd56c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7024
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/tatsu/public/css/tatsu-shortcodes.css?ver=1.0.0
166.62.10.141200 OK 3.4 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/tatsu/public/css/tatsu-shortcodes.css?ver=1.0.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 1f3ad3e0918bff70593f5750bae5e086
3a6361b7858889a48c5d94b96e1104bb9ec5e8cc
8fd25c6bb1f872732cdabb60c92b54c1c7e961febb49cad2c43d782921c539e7
GET /wp-content/plugins/tatsu/public/css/tatsu-shortcodes.css?ver=1.0.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:20 GMT
ETag: "b460246-4d30-54dae605e6300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3386
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/tatsu/public/css/tatsu.css?ver=1.0.0
166.62.10.141200 OK 1.9 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/tatsu/public/css/tatsu.css?ver=1.0.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 12adca647efb26c2f66f80276703e472
d0e24987c705a596bd30647fab7b9dfc9619a720
d16fa98ba8295c5627e8149f652d5dd3da82a12393ba1cb995aca5604b181260
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/tatsu/public/css/tatsu.css?ver=1.0.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:20 GMT
ETag: "b460247-2a16-54dae605e6300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1932
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/tatsu/public/css/tatsu-css-animations.css?ver=4.7.4
166.62.10.141200 OK 4.2 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/tatsu/public/css/tatsu-css-animations.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 06f20de7d52fa77686a96459d4014938
18d811e913e8edb0882c071bf7ed9f8724ab2735
0de0d77f22bccb337a54400358dfb3479e689b2f60b681a0d5f6b139408af184
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/tatsu/public/css/tatsu-css-animations.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:20 GMT
ETag: "b46024a-98a9-54dae605e6300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4216
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/css/magnific-popup.css?ver=4.7.4
166.62.10.141200 OK 1.8 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/css/magnific-popup.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d9e778f0c6f5908f59dcae3f2301770c
9a8fc0c32e1f3affb6f54ba33c5beabf3dbc839a
2e24aa9540b66090d65f38e670f06dfe751598a9db0ce5cc2a010b538a734564
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/css/magnific-popup.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 21 Apr 2017 14:47:26 GMT
ETag: "b38013d-1b26-54dae55ff5b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1816
Keep-Alive: timeout=5
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/fonts/icomoon/style.css?ver=4.7.4
166.62.10.141200 OK 6.3 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/fonts/icomoon/style.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash f19449689e0c5d51c3b2863d9e29f10a
d51dfa50e517e670be644361ec197469f4a96921
eabb89dea69fc75ac480e8874f7c99dabcf1ef01e5c789428c1c5d09ebc28327
GET /wp-content/themes/oshin/fonts/icomoon/style.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:26 GMT
ETag: "b380153-9f6d-54dae55ff5b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6342
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/bb-press/bb-press.css?ver=4.7.4
166.62.10.141200 OK 833 B URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/bb-press/bb-press.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash e5f6e557993a72c7418722fd789ebf9a
f95a9f4da73565ea9ac0f39449c8cd08ff0d19fb
a96cd89ec08cd8ad25856d41add90f3e1c02516ba42ac6fef131a06c8d4d9457
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/bb-press/bb-press.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:48 GMT
ETag: "b380612-a5f-54dae574f0d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 833
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/css/layout.css?ver=4.7.4
166.62.10.141200 OK 3.4 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/css/layout.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 3d34c6e7fc10ffac8edf03c101381cf7
8767c44c2d14f70b70a037ffb0aa775509fe0c9b
824551d67ad9d48b561550d96d28d1cfff81c05fec8adcfa04ea27be4afa005f
GET /wp-content/themes/oshin/css/layout.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:26 GMT
ETag: "b38013e-49ef-54dae55ff5b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3381
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/style.css?ver=4.7.4
166.62.10.141200 OK 20 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/style.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (432)
Hash 631f160be5d5cf1153b923521b6f0777
8a8e11b5a05954447f48eb506023be76692b67c9
948f91ec7053e5176f874cbdf515b20e1b8ad6fa335a8facbc0dc8022e230d66
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/style.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:48 GMT
ETag: "b38061d-1b550-54dae574f0d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20430
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/css/scrollbar.css?ver=4.7.4
166.62.10.141200 OK 735 B URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/css/scrollbar.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 30319bb8680bb01d15435b4a3c193399
5d4854780205df9f6086212000656cd85f403775
3fdd47ff5a110b22fff90ec429ccdd273afd45a4741b2a1917b58247c72700ed
GET /wp-content/themes/oshin/css/scrollbar.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:26 GMT
ETag: "b38013c-16d2-54dae55ff5b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 735
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/css/flickity.css?ver=4.7.4
166.62.10.141200 OK 2.3 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/css/flickity.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 825a6a5807cc4ff0f3940dfc586d1b19
cb50d3a0977c8b38eb904cc7b1a4cfa982b83e73
5c2ff45a5c552c5e68af283e1b5a6986cd33815ad46b2cef4fb31bf3c943b0b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/css/flickity.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:58:59 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:26 GMT
ETag: "b380140-29ba-54dae55ff5b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2288
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/themes/oshin/fonts/fonts.css?ver=4.7.4
166.62.10.141200 OK 323 B URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/fonts/fonts.css?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash a9a84c267142b252a761776b6b752d3a
4223e0a3d0297c61ce35cd384046650a4208d09e
f21132f79d8c441a81d973c9df55e11c6ed4461a7aa0015dc847df36d9a469a3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/fonts/fonts.css?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:29 GMT
ETag: "b38024f-855-54dae562d2240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 323
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.1.1
166.62.10.141200 OK 11 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.1.1
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash b6867b62c8541a0fb4fa9e520f377498
b2552acb6355b16b1c9d49ac53f4dd25d4fcd4db
970a5721c4b060a551dfe804079124fcb1ad5e8c2ef363c422dc3d162a75bae0
GET /wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.1.1 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:22 GMT
ETag: "b461ac4-13d61-54dae607ce780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10555
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/uploads/masterslider/custom.css?ver=3.2
166.62.10.141200 OK 1.9 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/masterslider/custom.css?ver=3.2
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (14037)
Hash a355e948cab8c0757ccbdac45af22958
3e8cafe215f97c080e6dea089bc89f6d4e32f3c6
202a305191816924cab72c50395c469bf5341e2c7e7180f70e91e53ea60de238
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/masterslider/custom.css?ver=3.2 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Wed, 14 Jun 2017 05:32:00 GMT
ETag: "b3813a4-3b01-551e4df0b3400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1890
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
166.62.10.141200 OK 5.5 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11739)
Hash ff0cc1a2e777dc5139d586eb552b6687
43b5f028311ad3b8d775adbd12c0813095f03a08
c85ee200e26a3003767853818001c378f490ed9a428093b39e823dc3e408af69
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 13:51:39 GMT
ETag: "b381d23-3949-5e3d8513f9ebd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5529
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
166.62.10.141200 OK 35 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32010)
Hash 83a22add6961597df266d62460435efb
242558067e538cd8ccda428715d2c18dfd012ad0
899e6a118b6307920f072fcd563847acca696dba233301b9e9ba117946a865d4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 13:51:39 GMT
ETag: "b381cef-18da1-5e3d8513f603c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35306
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=4.7.4
166.62.10.141200 OK 10 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32025)
Hash 15e9b06bdf6e06845b492762d7a4d5a4
90206ddf38e7bb7c8fd9f536f7d1703ea1f59343
3db6343c57e8f38a8dd2809a5a87aafe6376f608f7c989cefca17e2e99e9c79b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 12 May 2017 09:40:57 GMT
ETag: "b460a00-9367-54f5080985c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10487
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/download-manager/assets/js/jquery.cookie.js?ver=4.7.4
166.62.10.141200 OK 1.8 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/download-manager/assets/js/jquery.cookie.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1780), with CRLF line terminators
Hash bcb98553b19eb000d09c59fdfc1f9934
c03c6f28e5810bd2a344975bc1c0d9592bb9331c
5239b942d41f81e33b4ffe44f97bf5c985f4249d4f7309c86b82f795584dbdc9
GET /wp-content/plugins/download-manager/assets/js/jquery.cookie.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 12 May 2017 09:40:57 GMT
ETag: "b460a31-f93-54f5080985c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1788
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/download-manager/assets/js/front.js?ver=4.7.4
166.62.10.141200 OK 2.6 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/download-manager/assets/js/front.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1783)
Hash 2a80906c69bad516a90e64ee65c5d21b
17ee87f8f43a677c99af50d05337443649f83963
16291db58e122dc9553fe83f6554e593fddae5fd02b4a5f226476a40d3ccc205
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/download-manager/assets/js/front.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 12 May 2017 09:40:57 GMT
ETag: "b460a2e-1bc8-54f5080985c40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2578
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/vendor/modernizr.js?ver=4.7.4
166.62.10.141 200 OK 7.1 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/modernizr.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (14756)
Hash 91d76fc4574c051cc4ddc907c381f8c1
ed239008c657931e4ce2fa17989ef212e5eae446
e6073722f3d32ccda853442e2eda5a52fcaf2a93968eb95fe986a7ac8e073ffd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/modernizr.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b38040f-432a-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7135
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=4.7.4
166.62.10.141 200 OK 10 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2832)
Hash 24b20fd82a9cc1d4b489532d6a647fd5
04ff1d24bbbafaf40c43ed6af52dbee1b86fffea
070d08df49ab1f59efab76e57cd0867477f262114647906311dd9b28cafaad76
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 13:51:39 GMT
ETag: "b460a24-ddc4-5e3d85141449e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10249
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1.5
166.62.10.141 200 OK 38 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1.5
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27184), with CRLF line terminators
Hash 9e351d2cc6b8f0c010d414b4dce2e85f
8aedf29948260cbb733c9e5e431f06bfa571a768
0bfa8b067b32984b511eb85c445c6c004c97bec6cb4543727be95675917efb2e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1.5 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:50 GMT
ETag: "b4619b1-1aafa-54dae62282680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 38281
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1.5
166.62.10.141 200 OK 18 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1.5
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32026), with CRLF line terminators
Hash ba2e9ffbef9a8222a4d51b59509f51df
23250aa858ac6fd12380beadcf7de32c791f9b23
c40d16a1103733b2a57fed7799ce5bae66ba39561eb92cabb7aba4d1d5fc0ab9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1.5 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:50 GMT
ETag: "b4619b7-fab1-54dae62282680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18181
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/comment-reply.min.js?ver=4.7.4
166.62.10.141 200 OK 1.5 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/comment-reply.min.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2858), with no line terminators
Hash 6f86ff9f1775526fe8614b4ec1c32513
4826805aaaa13ebb8b3df75b4acbf6582a033f5c
4e707dc2e13fc24e6388285cf5ad96e8ba93e50333d61eff06ad96833564cba5
GET /wp-includes/js/comment-reply.min.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2015 19:15:28 GMT
ETag: "b381d56-b2a-524d577143400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1491
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/js/a11y.js?ver=1.0
166.62.10.141 200 OK 2.0 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/js/a11y.js?ver=1.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1794), with CRLF line terminators
Hash f7a0d1ae5e36f3eba5fa698030162102
500a55c47f8c971e626613db2af9345047fcb0af
baaf08195e01f6b9f257a576be64b9aae430273fdda08fb2f109e2be2b68b9c6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-accessibility/toolbar/js/a11y.js?ver=1.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Tue, 27 Nov 2018 07:37:30 GMT
ETag: "b381639-14ab-57ba0859a0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1972
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0
166.62.10.141 200 OK 1.4 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1782), with CRLF line terminators
Hash 23dcbc4777661a8252a874f6be82d777
fa589fc5e9cbb86b548b674b7b6bac91ec0f29f3
7e54ea19bdb3016f289638ea22b3420df3a97f913c93c9e66e699b6cbe79f730
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Tue, 27 Nov 2018 07:37:30 GMT
ETag: "b381614-b5e-57ba0859a0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1363
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/uploads/bb-plugin/cache/8-layout.js?ver=450da7d1f3a84f063432d62c07f579ee
166.62.10.141 200 OK 5.1 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/bb-plugin/cache/8-layout.js?ver=450da7d1f3a84f063432d62c07f579ee
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1935)
Hash 96436142d67bf7846abb72f3da18fe5d
9aa645df99293bb92904f55bab2b8641488727c7
701e4b020b158f21f650ce3f25f3203fa7c91879190633073d1696702689e1e7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/8-layout.js?ver=450da7d1f3a84f063432d62c07f579ee HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Tue, 27 Nov 2018 08:43:36 GMT
ETag: "b38088b-43e3-57ba171fe5e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5089
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/oshine-modules/public/js/vendor/asyncloader.js?ver=1.0
166.62.10.141 200 OK 1.6 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/oshine-modules/public/js/vendor/asyncloader.js?ver=1.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1797)
Hash fa8ce042787f4a299ba4e68f2b355940
3464fe718fa4b4f406798dee6d2603840aaed24c
426137d1f201bcfd735c6cb7fb20049a9a9cc17b478cb9c1a7e16db914d834ac
GET /wp-content/plugins/oshine-modules/public/js/vendor/asyncloader.js?ver=1.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Tue, 17 Oct 2017 05:02:03 GMT
ETag: "b460bc3-ede-55bb7061908c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1550
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/jquery/jquery.form.min.js?ver=3.37.0
166.62.10.141 200 OK 6.6 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/jquery/jquery.form.min.js?ver=3.37.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (16151)
Hash e4b7a3ca3ac4ca372b56219ca15a9f27
131c1643f6b0e5908ad2b8d732f1694c37bbb44b
939c5233a96c327c09bc119828a2df013caa368f97c63e80c09aa15b126ee1d7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.form.min.js?ver=3.37.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Mon, 16 Sep 2013 21:06:09 GMT
ETag: "b381cf5-4074-4e68692c17240-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6614
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
166.62.10.141 200 OK 2.7 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5555)
Hash de723ff0c2c7a0aa161842d96c31b068
878011a11fd18f6bc6ecea28a1ce1bf1b127a997
98a89b527d178db5be6e3cda7d35ba21c5025ecab132bbc78694031d37e929ae
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
ETag: "b381d0d-1694-5405eff119880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2715
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
166.62.10.141 200 OK 3.5 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (8464)
Hash 8a2f872468c609be2ee81c90b15c4b6a
eff5c63a450696743d936c2d11143292682fedfa
43549aa1114ddec7c4b24654186a8566d70e0558debcd28736932d032ccd2519
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
ETag: "b381cfb-21f0-5405eff119880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3526
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
166.62.10.141 200 OK 3.6 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10141)
Hash bc6de7a6c03a3fff863e91e941cab268
25e8fb6ab054a8e272d30f6adb814406f04419fd
4eec7d4472990755de6d6ff22e459f1b2337fe182769d87e6ea5c6fa4a763d0b
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
ETag: "b381d18-287c-5405eff119880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3644
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
166.62.10.141 200 OK 4.8 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (13677)
Hash 0822b05a525975e430574e4cbf31b1ec
a920552ffa611f3239b0d578de74db15aa9480c4
9d3f65054fe8beed005f0b90879233faf7d38a0c74f7b600ede8d1d692722597
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2016 05:40:34 GMT
ETag: "b381d15-3642-5405eff119880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4827
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/tatsu/public/js/vendor/es6-promise.auto.min.js?ver=4.7.4
166.62.10.141 200 OK 3.4 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/tatsu/public/js/vendor/es6-promise.auto.min.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (8147), with no line terminators
Hash 8cd07dc864f24d96b7e5308dc6571c8b
67f00feae644f39e4d207e17ce5b1b4378689d52
27f5a55bee6a6e817519735009fab25f917698cdbcc26bf209013eaa7b241d4a
GET /wp-content/plugins/tatsu/public/js/vendor/es6-promise.auto.min.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:20 GMT
ETag: "b460256-1fd3-54dae605e6300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3369
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/oshine-modules/public/js/oshine-modules.js?ver=1.0.0
166.62.10.141 200 OK 23 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/oshine-modules/public/js/oshine-modules.js?ver=1.0.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 1ac5a5a7d152f63057aea62d9bb02b61
22ceb3a0f01df290a6eed5522c7abc2dfce7352f
aa8ebf71293919bf252ad77a0391c4b65eefcbca38ef7b322d6bb2ac1a4f781d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/oshine-modules/public/js/oshine-modules.js?ver=1.0.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:00 GMT
Server: Apache
Last-Modified: Tue, 17 Oct 2017 05:02:03 GMT
ETag: "b460b6d-1fc30-55bb7061908c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22964
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/tatsu/public/js/tatsu.js?ver=1.0.0
166.62.10.141 200 OK 5.1 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/tatsu/public/js/tatsu.js?ver=1.0.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1793)
Hash 76520b1e518814ea8af4df420d8bfdc3
40c60ee28b418204d054421916f7c701c94d98f8
fb836ed51504a83a8985eb1262abbbf43b1659d2eeea342fb3cbd2d109040b23
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/tatsu/public/js/tatsu.js?ver=1.0.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:20 GMT
ETag: "b46024f-5dda-54dae605e6300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5051
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/vendor/perfect-scrollbar.jquery.min.js?ver=4.7.4
166.62.10.141 200 OK 8.0 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/perfect-scrollbar.jquery.min.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27080)
Hash 08006e5b18144009a848657512bc569f
f8bfca09e458e23d3cb92ed9a2b6889def03aa75
5cb4214342cdbae146d48721641d1ed0a1c8cf6b1b1c201e78793f1f359bba0c
GET /wp-content/themes/oshin/js/vendor/perfect-scrollbar.jquery.min.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 15 Jul 2022 13:51:39 GMT
ETag: "b38040d-74f5-5e3d851405a3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8033
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/script.js?ver=5.0
166.62.10.141 200 OK 12 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/script.js?ver=5.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1797)
Hash a60cd2731101e31d1f769aee6c090d56
27eaf0913c0a48c81c152ea84c80575a7760611e
15742b6b2aafc7f3259f1c1c01ba72b6614cea7b67446c6fd1493b47a633ebda
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/script.js?ver=5.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b380428-de8d-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11810
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-includes/js/wp-embed.min.js?ver=4.7.4
166.62.10.141 200 OK 1.6 kB URL HTTP/1.1 www.lrdgon.org/wp-includes/js/wp-embed.min.js?ver=4.7.4
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3178), with no line terminators
Hash c9e8e4c6cf8b2ce15170dbbbe452f392
1a32b70513974192eb15c87c57028aa5d641c78a
7dc7e3b2874f82eb740a824c5b3986a32719b48aa6ca6219711b470a6b43d31d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=4.7.4 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Wed, 23 Nov 2016 13:38:33 GMT
ETag: "b381ce3-c6a-541f8014be840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1645
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/beaver-builder-lite-version/js/jquery.easing.1.3.js?ver=1.3
166.62.10.141 200 OK 2.9 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/beaver-builder-lite-version/js/jquery.easing.1.3.js?ver=1.3
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (1783)
Hash 530ac13878672842808430455c88ac12
ab6a30561a38108f7ae93e3c929b3cf656db336d
c86df6029d4e994c09668c65cf7b39b7530dbe8c6a9733afd641c691f0cc70a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.easing.1.3.js?ver=1.3 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:07:50 GMT
ETag: "b4604f6-2695-54dadc8607980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2915
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.1.1
166.62.10.141 200 OK 37 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.1.1
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (32272)
Hash 5d08ef43d68c36cc521372ff9d8f1b62
7c69e26b1585ea6e3a2595a2f71b7ce056f65566
b478f5392c4dd22e01c248fb544941a217cccf6eef50157fdbc6669c1f3c45d1
GET /wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.1.1 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:22 GMT
ETag: "b461aeb-291bc-54dae607ce780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 36811
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/uploads/bb-plugin/cache/8-layout.css?ver=450da7d1f3a84f063432d62c07f579ee
166.62.10.141 200 OK 3.4 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/bb-plugin/cache/8-layout.css?ver=450da7d1f3a84f063432d62c07f579ee
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (18752), with no line terminators
Hash 47fc1f95c863245b7125b4029eaaf2ba
c7bc027b10d0818af2c39529e454e7c542e33916
d26f918d52d404b5c765a34c0832e4a342031ce5a486325b327f8c0d30d912f2
GET /wp-content/uploads/bb-plugin/cache/8-layout.css?ver=450da7d1f3a84f063432d62c07f579ee HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Tue, 27 Nov 2018 08:43:36 GMT
ETag: "b3807cd-4940-57ba171fe5e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3398
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.lrdgon.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
166.62.10.141 200 OK 7.1 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Mon, 18 Sep 2017 08:16:49 GMT
ETag: "b46105a-7918-559725d3d5e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.lrdgon.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Sep 2022 22:09:09 GMT
Expires: Thu, 07 Sep 2023 22:09:09 GMT
Cache-Control: public, max-age=31536000
Age: 164992
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
fonts.googleapis.com/css?family=Montserrat:400,700
142.250.74.10 200 OK 18 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700
IP 142.250.74.10:0
Hash 932be74148b2bc196e8e707a780b17e5
278ad3019bc47da012a718914b959eaa1f91f244
b207c8dbb55a01320ab1b176d3df59c41f987c9032c2249407cd387e5d009dfb
GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lrdgon.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 19:58:59 GMT
date: Fri, 09 Sep 2022 19:58:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0
- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.lrdgon.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Sep 2022 21:39:25 GMT
Expires: Tue, 05 Sep 2023 21:39:25 GMT
Cache-Control: public, max-age=31536000
Age: 339576
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/blank.gif
166.62.10.141 200 OK 43 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/blank.gif
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /wp-content/plugins/masterslider/public/assets/css/blank.gif HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:22 GMT
ETag: "b461ad0-2b-54dae607ce780"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
www.lrdgon.org/wp-content/uploads/2017/04/dolr_logo.png
166.62.10.141 200 OK 15 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/2017/04/dolr_logo.png
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 151 x 130, 8-bit/color RGBA, interlaced\012- data
Hash 5653ab079779188bcac7c7be52747622
b52afe82ffb26b7cda0cb893991ebd88c1c3f522
6f1331bf09e2d1d1779ed9d84dfd5d6505238891cf41ee4554ccfbe489bb1af7
GET /wp-content/uploads/2017/04/dolr_logo.png HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Sat, 22 Apr 2017 03:52:36 GMT
ETag: "b381464-3a3c-54db94df8e900"
Accept-Ranges: bytes
Content-Length: 14908
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.lrdgon.org/wp-content/uploads/2017/04/dolr_logo_48x40.png
166.62.10.141 200 OK 7.0 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/2017/04/dolr_logo_48x40.png
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 48 x 40, 8-bit/color RGBA, interlaced\012- data
Hash 52cc0d4d99199ddd9c1f876c52129c25
743e0f8b8e357aae0c7ba711e42bea445790e108
fd1f0381a190ae5d2eeddefe784c18412b4bd8404aa0eecc6e2d98b432ff17fc
GET /wp-content/uploads/2017/04/dolr_logo_48x40.png HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Sat, 22 Apr 2017 03:53:13 GMT
ETag: "b38145f-1b35-54db9502d7c40"
Accept-Ranges: bytes
Content-Length: 6965
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Roboto:300|Open+Sans:regular
142.250.74.10 200 OK 712 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300|Open+Sans:regular
IP 142.250.74.10:0
Hash 60dacd214986b44eae3871f02196676f
858fbf8d8c7a211736d00bf20287297e65929892
9617e40d19f586b9fd9430894e65e6416acaacbbfdf23cd20a3b362c06be131d
GET /css?family=Roboto:300|Open+Sans:regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Sep 2022 19:59:01 GMT
Date: Fri, 09 Sep 2022 19:59:01 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163 200 OK 17 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.lrdgon.org
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 16740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Sep 2022 19:01:10 GMT
Expires: Tue, 05 Sep 2023 19:01:10 GMT
Cache-Control: public, max-age=31536000
Age: 349071
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT
Content-Type: font/woff2
www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y.woff2
166.62.10.141 200 OK 752 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y.woff2
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 752, version 1.0\012- data
Hash 30b11b43959ae59215a5fbcec529237d
774d23ae9ef92cc89e8c302e3b73b82f684c59b2
463774833c268778806c2cbd8d297898d4fa0c9f2e55fde71b9a2b6c57c8ec50
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y.woff2 HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y-toolbar.css?ver=4.7.4
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Tue, 27 Nov 2018 07:37:30 GMT
ETag: "b381629-2f0-57ba0859a0280"
Accept-Ranges: bytes
Content-Length: 752
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif
166.62.10.141 200 OK 2.7 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 32 x 32\012- data
Hash 214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
GET /wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.1.1
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:22 GMT
ETag: "b461ac6-a93-54dae607ce780"
Accept-Ranges: bytes
Content-Length: 2707
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
www.lrdgon.org/wp-content/themes/oshin/js/vendor/resizetoparent.js
166.62.10.141 200 OK 2.0 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/resizetoparent.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1793)
Hash 8ba7a14e2a2a519d0eda968b5da22bdd
c442c1d84bca70df5d386ba139afefe829482c5c
218bcc37916af09049e91538b882d4d70dc7d42eeb3cdf8c3f7c72096b9fc9af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/resizetoparent.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b380416-11a3-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1951
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/vendor/fitvids.js
166.62.10.141 200 OK 2.2 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/fitvids.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (1816)
Hash 3e064d3392d340715b89d3a5454c26f4
5b61f704bfa21b476e3d157262f158b27a3067d1
2bb3047bd73837fd10d474803bec8151c1de8fa9853fb57cd3edc80e307f794c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/fitvids.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b380424-13c1-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2209
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/vendor/hoverintent.js
166.62.10.141 200 OK 3.0 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/hoverintent.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1783)
Hash e9e74386e9b27f24385133f88373244f
647d05c84335b334d03e6415dd65bc745ccd02e8
01e05f70c365a43327515445db6069a3d7becc0631b3d2e5df8e9ba95f85f7db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/hoverintent.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b38041d-1e0f-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2968
Keep-Alive: timeout=5
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/vendor/superfish.js
166.62.10.141 200 OK 3.2 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/superfish.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1791)
Hash e9b81c93cb879989c0d5e428beed6767
c14fb8ee41bffcfd18ae1acba2143c7700cde79e
e06690634da6e2cff84306e96326417158f5157613c9705de18c3ed29a05d80f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/superfish.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b380418-223a-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3233
Keep-Alive: timeout=5
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/oshine-modules/public/js/vendor/vivusSVGanimation.js
166.62.10.141 200 OK 4.6 kB URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/oshine-modules/public/js/vendor/vivusSVGanimation.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (12773)
Hash 7849b1c24f0221f86fa139dd262fdd67
3322b6ef3f5fe3262d568c089b23eb9dd9b3cefc
5ca7fa5f5fafd2b6c87a69876caf1c06ab6113719cab8d44803039a06e5a0bbf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/oshine-modules/public/js/vendor/vivusSVGanimation.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Tue, 17 Oct 2017 05:02:03 GMT
ETag: "b460bcb-327c-55bb7061908c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4639
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/vendor/transparentheader.js
166.62.10.141 200 OK 1.8 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/transparentheader.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1793)
Hash 55022803e548a7b9e9c3eb9974136415
fa8ad566b8559453513d4d26f660a8a4869f8d92
572aa7b8ffc548c39fe36c2d914d4ff6a50879da7bfeb295b7f3db6d38fe01ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/transparentheader.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b380423-14f4-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1766
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/wp-content/themes/oshin/js/vendor/magnificpopup.js
166.62.10.141 200 OK 8.6 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/magnificpopup.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (22794)
Hash 5092f99c3d3af3e0098a172493122458
f10b85bd72eff3ecea31d91ecc0debfd2faefa08
4faa7cb8713fe004c914832a10f4ebf0849bf4d9fff43b977afc2450a9659bce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/magnificpopup.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:01 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b38041e-598c-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8608
Keep-Alive: timeout=5
Content-Type: application/javascript
www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-6.png
166.62.10.141 200 OK 390 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-6.png
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 152 x 225, 4-bit colormap, non-interlaced\012- data
Hash f57b7091bc78671f57b1209ab707582c
6366cf7de5fc78cebf8b00b30ce0cb3d2e69ef97
5403bac65d3708783c7f27462b3271d0dfeb262a43702d25d4c499842575411a
GET /wp-content/plugins/masterslider/public/assets/css/skins/light-skin-6.png HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.1.1
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:02 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:22 GMT
ETag: "b461ae1-186-54dae607ce780"
Accept-Ranges: bytes
Content-Length: 390
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/common/grab.png
166.62.10.141 200 OK 189 B URL HTTP/1.1 www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/common/grab.png
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 16 x 16, 2-bit colormap, non-interlaced\012- data
Hash d717e2539bf1249f1cab65404f7dc8b9
3b096b6e5c09b0438ca6d38f34b754de3ae8c826
31eb6ff40a2336987e2e67319b0a130a8e48475f626f533ebd29fef1ef4b2599
GET /wp-content/plugins/masterslider/public/assets/css/common/grab.png HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.1.1
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:02 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:50:22 GMT
ETag: "b461acd-bd-54dae607ce780"
Accept-Ranges: bytes
Content-Length: 189
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
www.lrdgon.org/wp-content/themes/oshin/js/vendor/easing.js
166.62.10.141 200 OK 2.9 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/easing.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (1783)
Hash c34805af2b776f88961cc3ae5f5faa7f
c479261ac88a7ff294530110de31544a73c48119
c4186be2d720e3422ff98666c460374ad48577812bcb80de4f694743bc3c4463
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/easing.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:02 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b38041b-2094-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2864
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.lrdgon.org/favicon.ico
166.62.10.141 404 Not Found 0 B URL HTTP/1.1 www.lrdgon.org/favicon.ico
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 404 Not Found
Date: Fri, 09 Sep 2022 19:59:02 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.lrdgon.org/wp-content/uploads/2017/06/Training-for-WDT-members-Batch-VI-at-Resource-Centre-Ruzaphema.jpg
166.62.10.141 200 OK 186 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/2017/06/Training-for-WDT-members-Batch-VI-at-Resource-Centre-Ruzaphema.jpg
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1296x864, components 3\012- data
Size 186 kB (186273 bytes)
Hash 3dfc1f7bf75b2e834915c90e610786e0
a0812c3b02e0b0fd81067b9723c30ab2379c02b0
484bca094dc559380f86683537233ecb4f14c6462b0d9665ca3745155ff9ccbf
GET /wp-content/uploads/2017/06/Training-for-WDT-members-Batch-VI-at-Resource-Centre-Ruzaphema.jpg HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:02 GMT
Server: Apache
Last-Modified: Wed, 14 Jun 2017 05:09:41 GMT
ETag: "b3813d0-2d7a1-551e48f3baf40"
Accept-Ranges: bytes
Content-Length: 186273
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.lrdgon.org/wp-content/uploads/2017/06/Rubber-Plantation-at-Pongitong-Village-in-Wokha-District-1.jpg
166.62.10.141 200 OK 381 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/2017/06/Rubber-Plantation-at-Pongitong-Village-in-Wokha-District-1.jpg
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1440x810, components 3\012- data
Size 381 kB (380770 bytes)
Hash 40d81d8f7b48261312bcf3cf9149831e
0b3b3a2ade887475fefa1c79287be09ca6a7500a
1a11ba8b419d21d4e0ed3c8111557baf9dd4b704ed603a4da4a5fad96919f7be
GET /wp-content/uploads/2017/06/Rubber-Plantation-at-Pongitong-Village-in-Wokha-District-1.jpg HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:02 GMT
Server: Apache
Last-Modified: Wed, 14 Jun 2017 05:04:54 GMT
ETag: "b3813b4-5cf62-551e47e206980"
Accept-Ranges: bytes
Content-Length: 380770
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.lrdgon.org/wp-content/uploads/2017/06/Directorate-Building.jpg
166.62.10.141 200 OK 967 kB URL HTTP/1.1 www.lrdgon.org/wp-content/uploads/2017/06/Directorate-Building.jpg
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2012:05:22 12:11:19], baseline, precision 8, 1800x1315, components 3\012- data
Size 967 kB (966959 bytes)
Hash 9b594ed9f7f5a70d977cae88a786c289
f0b3d586acd86ac56c6bbb829b9996cdce8f8de2
0d34951904a587040b94f7a452ef2a5edfb11fdb82e969afd5386762f6388c3a
GET /wp-content/uploads/2017/06/Directorate-Building.jpg HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:02 GMT
Server: Apache
Last-Modified: Wed, 14 Jun 2017 04:57:56 GMT
ETag: "b3813d5-ec12f-551e465363d00"
Accept-Ranges: bytes
Content-Length: 966959
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.lrdgon.org/wp-content/themes/oshin/js/vendor/imagesloaded.js
166.62.10.141 200 OK 3.3 kB URL HTTP/1.1 www.lrdgon.org/wp-content/themes/oshin/js/vendor/imagesloaded.js
IP 166.62.10.141:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6833)
Hash 1883e355977f1c50685878a04fa09000
9f993c5a2da15422b74c182ef84baf345f31d506
a54ca4f7bab05e6d7c696f65fa2344d8d381c130df77b2dcbcfd2356ced9c34d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/oshin/js/vendor/imagesloaded.js HTTP/1.1
Host: www.lrdgon.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.lrdgon.org/wp-signup.php?new=lrdgon.org
Cookie: PHPSESSID=85796f374b3319f5aaa7fe124b8c3e52
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 19:59:03 GMT
Server: Apache
Last-Modified: Fri, 21 Apr 2017 14:47:45 GMT
ETag: "b38041f-22ba-54dae57214640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3321
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 706c7ceb40056f848425ca7d994cedc8
b9b1bf8291b6a66f260f82947966fa01ca78c61f
739205893d17a123d2fac165f468314de14a99dc56c9e5b0ac79434f7c38b558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7139
x-amzn-requestid: 5125cc11-410a-4a86-a0cf-68950433b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFBoyHycIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318496b-5579dee14390c1b63e97e0fc;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_B0YRYqe6d5Tkoj4JvvTTArO1I5XfWVMUqFAY3rtPl2T0UenSeaeQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:44 GMT
age: 80164
etag: "b9b1bf8291b6a66f260f82947966fa01ca78c61f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
code.responsivevoice.org/1.5.10/responsivevoice.js?source=wp-plugin&ver=4.7.4
172.67.158.66 200 OK 0 B URL HTTP/2 code.responsivevoice.org/1.5.10/responsivevoice.js?source=wp-plugin&ver=4.7.4
IP 172.67.158.66:0
GET /1.5.10/responsivevoice.js?source=wp-plugin&ver=4.7.4 HTTP/1.1
Host: code.responsivevoice.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.lrdgon.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 19:58:59 GMT
content-type: application/x-javascript
last-modified: Thu, 13 Feb 2020 18:14:37 GMT
etag: W/"5e45920d-1043a"
content-security-policy: frame-ancestors 'self' responsivevoice.com responsivevoice.org *.responsivevoice.com *.responsivevoice.org
x-frame-options: ALLOW-FROM https://responsivevoice.com https://responsivevoice.org
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVP3fiNrzD%2FcxVhEnHcUA8WhPVbFBljHDkVOpcpaOuTmci6VUwodkhtLRSPiE8qoxAjHv%2B00ljOlCKz9YsKSgYljFU6WJvQgwez2IWmf3cCCOYXSa2ZwREk0X6jOkTiQrunhKjGltWaJcbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74828072abfe0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2