| risdmuseumassociates.org/ | 104.196.37.19 | 301 Moved Permanently | 162 B |
URL HTTP/1.1risdmuseumassociates.org/ IP104.196.37.19:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | fortinet | Malware | |
GET / HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 13 Sep 2022 15:14:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://risdmuseumassociates.org/
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 15:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1m2CsoX9gHCeAplggh4swLt0gT-SHzvoi8PO5IfnN77NrYOYJXuFhA==
Age: 321
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashbe88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6358
Expires: Tue, 13 Sep 2022 17:00:05 GMT
Date: Tue, 13 Sep 2022 15:14:07 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wlhgtOZkvu_BBlYTmddm4QmX1lmrUqhg9fUTx3aLFAQdODwMQ-M0cA==
age: 38333
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 15:03:22 GMT
Expires: Tue, 13 Sep 2022 15:13:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8ngRoMErbaRiGFDQN_M5XGTITR3WTso6AV35tZrt3zP73F8COn5SAg==
Age: 645
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe96dbe1b54932c8f447bbbfc9d31cfb0 b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd 427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:07 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:22 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashad439cab56126bcc402ee9f92365a209 a4b48a9a733c53cbc7020e190b8c787e1f80f55a d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/css/style.css?ver=1383027151 | 104.196.37.19 | 200 OK | 1.1 kB |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/css/style.css?ver=1383027151 IP104.196.37.19:0
Hashbd2a42b2bb0f73dae6038523bfa51f4a 80ef28cb039ce8cc4f8a9916cbf64f10c05ae37d 45e9344d1f73788b6c437fcc8b8ebd647adcffc7ca38e9cb58d5e8f147c951b2
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ptoffice-plugin//include/css/style.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-b6f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 34.217.237.91 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.217.237.91:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7B76YN1rmZQjyfOQSR298g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DRNgfMBo06WLa55eq4MIsWUlx5s=
|
|
| risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 4.6 kB |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=6.0.2 IP104.196.37.19:0
File typeASCII text, with very long lines (38733), with no line terminators Hash3d69470d1da8bf24684673df6889e794 d656e69528801e106532f934b65899194e1d30cd 3fc0080ddc26724b73e834cd4b5856a9499a7cab37b5c8e3d1014d57ffd36208
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-974d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ptoffice.com/dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2ptoffice.com/dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso IP104.196.37.19:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso HTTP/1.1
Host: ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:09 GMT
content-type: text/javascript; charset=UTF-8
content-length: 0
x-frame-options: sameorigin
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
referrer-policy: origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
pragma: no-cache
expires: Tue, 13 Sep 2022 15:16:09 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.css?ver=1383027151 | 104.196.37.19 | 200 OK | 786 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.css?ver=1383027151 IP104.196.37.19:0
File typeASCII text, with CRLF line terminators Hashbbfcff4904727bbd2fd5b21a4c628564 ef86fb9bd677045c5fdb3a854f7c0e165fcb29cc b6266059a94873efe4e238fccdfe263d81283dc77c9a2577626b93170be4b272
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-297"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5 | 104.196.37.19 | 200 OK | 14 kB |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5 IP104.196.37.19:0
Hash43402d12db3c6ea6f14cbbf0c64bf1f2 77712365c2b3f4db651f707d9aa75ec1a460402a d22274a427e99fe21b5bb74409b7f58e029c73e75570e84f8e95b520e99c2e89
GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-a352"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 | 104.196.37.19 | 200 OK | 1.2 kB |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 IP104.196.37.19:0
File typeHTML document, ASCII text, with very long lines (1781) Hashf72d816cc8ae24454014e2994b97556b 682fd6ac73bcd9f6f511fb497d8083005b826c62 a27a90e9d70f4236afd2641484c1ba81bc536163e4b70b5d930fa066d44bc746
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-6f6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6423
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 15:14:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6423
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 15:14:09 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc9ab2ec10c79b91d15edb1d1e3dc763c 744fee4a0baa22ba3aa352d60620a916972b47dd f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 63109
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash838f709437b2dfbede4ee15307afe217 2ab2ee20e720b78be6deb55f967ac0d8b7dad048 a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 63111
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.css?ver=1383027151 | 104.196.37.19 | 200 OK | 9.3 kB |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.css?ver=1383027151 IP104.196.37.19:0
File typeASCII text, with CRLF line terminators Hash153bb278029fc25d24271ecf40de5225 08614d6f2d07c2b9f003a4a5691cb115b38f1df2 8306d69d69a5ccc9314dd7d0877f98e16b849d1f52e9c8e6c583ac16c9b9affd
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-7f8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/css/widget_custom.css?ver=1383027151 | 104.196.37.19 | 200 OK | 10 kB |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/css/widget_custom.css?ver=1383027151 IP104.196.37.19:0
Hash5e595c56d2c88ac4e78c5ca74755baf9 a07c169eb2ce03bd93c463d7958e8f5c9c9a3cc6 89031f4d3904171b605fdf3e1c45cdcca9fbcd0b162261cb875b7c5261f615dd
GET /wp-content/plugins/ptoffice-plugin/include/modules/membersearch/css/widget_custom.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-3ac"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/theme/admin/template_content/assets/css/mjs-pto-findafriend-widget.css?ver=1383027151 | 104.21.48.64 | 200 OK | 10 kB |
URL HTTP/2tools.ptoffice.com/theme/admin/template_content/assets/css/mjs-pto-findafriend-widget.css?ver=1383027151 IP104.21.48.64:0
File typeUnicode text, UTF-8 (with BOM) text, with CRLF line terminators Hashf7f5c6c93f438012e61b151a0cdd3dbf 98f1967480eb72ec3a7de9efb4331574079586f3 dda98b7b70738098c35fb330ca95c55812bcad8072bb590bd9cc39ba74b1f401
GET /theme/admin/template_content/assets/css/mjs-pto-findafriend-widget.css?ver=1383027151 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: text/css
last-modified: Tue, 16 Oct 2018 09:37:49 GMT
etag: W/"8014c5e63365d41:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLLiPF0emKDnkFkzt%2BVC0LlrKGtTEspfOHNPnW0aUIHPinH3suRBZZJb92MTSkE3BKMilVqWcTFSgKgm6JRSg%2BroJ6bBxPpd1sOV1wH32kkX11UkJhU%2BqjG45wqoKNm4Fa6LlX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a1d4aefad8b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/Content/kendo/kendo.default.min.css?ver=1.0 | 104.21.48.64 | 200 OK | 12 kB |
URL HTTP/2tools.ptoffice.com/Content/kendo/kendo.default.min.css?ver=1.0 IP104.21.48.64:0
File typeASCII text, with very long lines (27470), with CRLF line terminators Hash8e9388b4961760b6f274c58eec2e9406 abb9365e4fe28ad289fbf357fe8668f4bc38ccfb 0a2693df19521cee617babc74992ae02b1734a021ced28245a7b66227af95c64
GET /Content/kendo/kendo.default.min.css?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: text/css
last-modified: Thu, 04 Dec 2014 12:20:20 GMT
etag: W/"09a8aabbcfd01:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziD%2BXv17yqMGsaUh4gVDEgJntLsfOgVcbv6NQX%2BLoYdsjYiMbFkc2dAXdrw3xegnHW3TAIyeT2mVmkfflIFhz3p9SPCfjJy%2F%2Bjl87T9dw6VKXZkN3DYQVnJ5N%2Bkh1Nx%2Bd0xAvyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4af0ae8b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash56f5c94138033dc05d4103684d6d04ca fad3bb4b18857d1ecb1aa0048ec5928c5320c6df 81f710c1615192b0d7b57902c88e3c225d5e62863ea0379d4c06f76709da32a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2191
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:09 GMT
Last-Modified: Tue, 13 Sep 2022 14:37:39 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| stats.wpmucdn.com/analytics.js | 151.139.242.7 | 200 OK | 24 kB |
URL HTTP/2stats.wpmucdn.com/analytics.js IP151.139.242.7:0
File typeASCII text, with very long lines (1925) Hash66e020f73ca2ccdcb4ef1b1454e13b98 7c2d30bf730690ed2437db725f3c4de9ca9a9d11 45ec0d06a35d0b222d6d267005f6dce0507055f419aeb22a16b3035e49a7c576
GET /analytics.js HTTP/1.1
Host: stats.wpmucdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:09 GMT
content-type: application/javascript
content-length: 23826
last-modified: Thu, 10 Feb 2022 17:56:53 GMT
etag: "620551e5-1131c"
expires: Fri, 08 Sep 2023 15:13:48 GMT
cache-control: max-age=31104000
content-encoding: gzip
vary: Accept-Encoding
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0 | 104.21.48.64 | 200 OK | 2.6 kB |
URL HTTP/2tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0 IP104.21.48.64:0
File typeUnicode text, UTF-8 (with BOM) text, with CRLF line terminators Hash402ebbc3f069d31204e2f716dd222186 0b399f976268bebaf6d02339b739a65d9f4bedac 0e31b256006558dc1f76813c6b2d6a482aa68f6bfdaa1f5c23c32354fc1e24d0
GET /theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHjBdBm73XM0xdxGDieN3Ynw%2FzDjYxPYcjYkvuOxdNNaDFMDWJLJPBxA3PxNIk%2FENmey1tWBKjhD5C8sdgFxuLShKGtYbkp3qoL7cBFNjBBi5bBAgj%2FduzVOnSEggjnH5cVyYG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4aefad2b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/translate_static/css/translateelement.css | 142.250.74.74 | 200 OK | 3.6 kB |
URL HTTP/2translate.googleapis.com/translate_static/css/translateelement.css IP142.250.74.74:0
File typeASCII text, with very long lines (18670) Hash897ba9a21d9625286674da769dacc2e2 84b4923ab7dee562395160824d53496314499b77 696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 14:20:37 GMT
expires: Tue, 13 Sep 2022 15:20:37 GMT
cache-control: public, max-age=3600
age: 3212
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 | 104.196.37.19 | 200 OK | 78 kB |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 IP104.196.37.19:0
File typeWeb Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data Hashd824df7eb2e268626a2dd9a6a741ac4e 0ccb2c814a7e4ca12c4778821633809cb0361eaa 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:09 GMT
content-type: font/woff2
content-length: 78268
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
etag: "631887a4-131bc"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4a68e0856575d52f7778bc821b5c881b 0956533f660fd0e7096540292f9b60451f60f148 0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash2975bff789fff402ed8a43784cd15293 0337bc68de70f5254f73759397b23ff3bb8d2476 c42d280b188d04963a92c490f66e588fe90790de33172f52508e3e0816ab0f32
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:14:09 GMT
Last-Modified: Tue, 13 Sep 2022 14:06:16 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 28Fxnvor-REMji2VyC54QuUBvAG7oDdWpjm55iHsF77U85WCG1Burw==
Age: 4074
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash167378beef2e1b0dafefbdc6210752c2 afbdff67a5647b04de65499da7d2d00cc21eb808 1dfe3c3aa34673799955912c86f82ccf81a1110cd82058241e2e85fb84e5caa7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1215
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| connect.facebook.net/en_US/sdk.js | 157.240.200.14 | 200 OK | 1.7 kB |
URL HTTP/2connect.facebook.net/en_US/sdk.js IP157.240.200.14:0
File typeASCII text, with very long lines (1961) Hashfbe3ed78a815a9ce2c079bf78afdaa2f b96f33fceae6815bef27fa028483afad96539ef4 ca7604aea565da1c3224b5afd877c2306f1b74adc9d3c357d701430d5598bb72
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8912d41b66485aa0ed48597f68c1b404
etag: "b11905cf94a1513ce572c0c38b5a5d3f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 13 Sep 2022 15:23:59 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ++PteKgVqc4sB5v3iv2qLw==
x-fb-debug: B0wRE8XEf7iMyb7v5NUrPK203qgF/+ScVaibW9Brxurq/teNYyNGJm3XH9uX5sqW8HbOVchLH0DiUpcxPqRWWQ==
content-length: 1687
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 15:14:10 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash167378beef2e1b0dafefbdc6210752c2 afbdff67a5647b04de65499da7d2d00cc21eb808 1dfe3c3aa34673799955912c86f82ccf81a1110cd82058241e2e85fb84e5caa7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1215
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| stats1.wpmudev.com/track/?action_name=523%2FRISD%20Museum%20Associates%20%E2%80%93%20Just%20another%20PTOffice%20site&idsite=90723&rec=1&r=190655&h=15&m=13&s=56&url=https%3A%2F%2Frisdmuseumassociates.org%2F&_id=493e7406dab493d8&_idts=1663082037&_idvc=1&_idn=1&_refts=0&_viewts=1663082037&send_image=1&cookie=1&res=1280x1024>_ms=226&pv_id=YjinHu | 3.135.11.48 | 200 OK | 43 B |
URL HTTP/2stats1.wpmudev.com/track/?action_name=523%2FRISD%20Museum%20Associates%20%E2%80%93%20Just%20another%20PTOffice%20site&idsite=90723&rec=1&r=190655&h=15&m=13&s=56&url=https%3A%2F%2Frisdmuseumassociates.org%2F&_id=493e7406dab493d8&_idts=1663082037&_idvc=1&_idn=1&_refts=0&_viewts=1663082037&send_image=1&cookie=1&res=1280x1024>_ms=226&pv_id=YjinHu IP3.135.11.48:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /track/?action_name=523%2FRISD%20Museum%20Associates%20%E2%80%93%20Just%20another%20PTOffice%20site&idsite=90723&rec=1&r=190655&h=15&m=13&s=56&url=https%3A%2F%2Frisdmuseumassociates.org%2F&_id=493e7406dab493d8&_idts=1663082037&_idvc=1&_idn=1&_refts=0&_viewts=1663082037&send_image=1&cookie=1&res=1280x1024>_ms=226&pv_id=YjinHu HTTP/1.1
Host: stats1.wpmudev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: image/gif
content-length: 43
server: nginx
cache-control: no-store
content-encoding: none
X-Firefox-Spdy: h2
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.106 | 200 OK | 1.4 kB |
URL HTTP/2translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP142.250.74.106:0
Hash3ad547ec47ef63d87eff80e53d6dd861 20cd334266b4bc9b47966d5487f0a2b2d41db765 c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 15:14:10 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 15:14:10 GMT
set-cookie: NID=511=XQOmQhWpS0PjPX0BzRWoVUM1JG36k1kFjcysPhYyy1EJUtJCzG3iB3O8Sx4uTY_M-9tRtyCmJL2MVVs4JdDnw-X3CknEVNzZESfPGmPvQSkDOgYTtY6vNpeJvbTe6vmzFlqCJKd6DzSyIF1m9Iq210sKvrGX4R9xCJW9MIONGx0; expires=Wed, 15-Mar-2023 15:14:10 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+179; expires=Thu, 12-Sep-2024 15:14:10 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashbd7b5eb635d48acf1428c326eaa892a1 ba9f6c0db831a88b7d6dbdd98f19e76b4b501258 557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| risdmuseumassociates.org/favicon.ico | 104.196.37.19 | 404 Not Found | 942 B |
URL HTTP/2risdmuseumassociates.org/favicon.ico IP104.196.37.19:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash14e8ab47830463053debf61131d50883 a3bed2626c03e9e38087af506c91bd9f47f5dfc4 3ad7a180974a11191bcef536736ee062a33f4c4bf7f7c9e8b4ae52d128918c05
GET /favicon.ico HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Cookie: _pk_id.90723.9f30=493e7406dab493d8.1663082037.1.1663082037.1663082037.; _pk_ses.90723.9f30=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashbd7b5eb635d48acf1428c326eaa892a1 ba9f6c0db831a88b7d6dbdd98f19e76b4b501258 557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.163 | 200 OK | 1.8 kB |
URL HTTP/2www.gstatic.com/images/branding/product/2x/translate_24dp.png IP142.250.74.163:0
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 14:55:54 GMT
expires: Wed, 13 Sep 2023 14:55:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png | 142.250.74.163 | 200 OK | 910 B |
URL HTTP/2www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png IP142.250.74.163:0
File typePNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data Hashefa6bb2bfe459bc6f4bdafa3db0383f6 52d15ce52fe50643e542c17812de43f4ed1b6ee0 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 10:47:28 GMT
expires: Tue, 12 Sep 2023 10:47:28 GMT
cache-control: public, max-age=31536000
age: 102402
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/sdk.js?hash=c9cdc3411896fb15c50bfd680f185e70 | 157.240.200.14 | 200 OK | 88 kB |
URL HTTP/2connect.facebook.net/en_US/sdk.js?hash=c9cdc3411896fb15c50bfd680f185e70 IP157.240.200.14:0
File typeASCII text, with very long lines (18460) Hash8a7f24642f2f5e47577eb9684c6a662a e41348f6eab56c4d4556595e7948478163fc0f6b 5ce527b800622efb784e25510ce57d1c3c9c77ea64276bf8595ed465f7924331
GET /en_US/sdk.js?hash=c9cdc3411896fb15c50bfd680f185e70 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://risdmuseumassociates.org
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a50e215af9770459e685d875d407ab59
etag: "e8b6d6257a14a52638d5a5fbe0419617"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 13 Sep 2023 10:20:03 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: in8kZC8vXkdXfrloTGpmKg==
x-fb-debug: Gn2Hrz507iNFBLLv8e+sc/6X7G2XUWeer+g8qk1XlkHZfOXhqjr6RJ4tsm6ZMahohNk+OaMahq0bYmIwBDPMhg==
content-length: 87981
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 15:14:10 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/Content/kendo/kendo.common.min.css?ver=1383027151 | 104.21.48.64 | 200 OK | 58 kB |
URL HTTP/2tools.ptoffice.com/Content/kendo/kendo.common.min.css?ver=1383027151 IP104.21.48.64:0
File typeASCII text, with very long lines (65081), with CRLF line terminators Hashb4fb5304f1c983f21b16c4b2775aaf28 5af53a5dc727c1bd04dbf04eba69e69744d69c2d 557294bbfaf0034052a9bc955cd0cd068f813f0b10902c4a52d0e2a260a3b2d9
GET /Content/kendo/kendo.common.min.css?ver=1383027151 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: text/css
last-modified: Thu, 04 Dec 2014 12:20:20 GMT
etag: W/"09a8aabbcfd01:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKxxkLEMVAw5iSqReHwyiJNue7Dci0eN3Bjb1KTpns5dKFNFF%2FnSD5MVaoPlxrd8MaskkyWKUA1PFXHDx8cR9EolHkcp8cZMnzHOHZJzcnNmcm4pl%2BZAyOuTQNBtiOMRXslfxfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a1d4aefabcb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.risdmuseumassociates.org/wp-content/uploads/sites/523/2021/04/Garden_17-05-12_84.jpg | 104.196.37.19 | 200 OK | 1.2 MB |
URL HTTP/2www.risdmuseumassociates.org/wp-content/uploads/sites/523/2021/04/Garden_17-05-12_84.jpg IP104.196.37.19:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, manufacturer=Phase One, model=IQ3 100MP, xresolution=130, yresolution=138, resolutionunit=2, software=Adobe Photoshop Lightroom 5.6 (Windows), datetime=2017:06:01 15:12:09], baseline, precision 8, 1024x768, components 3\012- data Size1.2 MB (1203496 bytes) Hash681c4c3c936b8152d14a69acc581e869 460e6cf26ebb97fcc73e720b8ad985867cbb4c36 3ecd6fcd0d5cbe8879992dd28bfc7c84b57345d22aa9a35d05f9048f174cab58
GET /wp-content/uploads/sites/523/2021/04/Garden_17-05-12_84.jpg HTTP/1.1
Host: www.risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: image/jpeg
content-length: 1203496
last-modified: Tue, 13 Apr 2021 00:52:58 GMT
etag: "6074eb6a-125d28"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
|
|
| www.risdmuseumassociates.org/wp-content/plugins/bb-plugin/img/pixel.png | 104.196.37.19 | 200 OK | 110 B |
URL HTTP/2www.risdmuseumassociates.org/wp-content/plugins/bb-plugin/img/pixel.png IP104.196.37.19:0
File typePNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data Hashe51232cf9fc8dd7b4756cbe34f3be9cc f13437b71cb9ed4c88b819c0c4c5c328a75ba022 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
GET /wp-content/plugins/bb-plugin/img/pixel.png HTTP/1.1
Host: www.risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: image/png
content-length: 110
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
etag: "631887a4-6e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme-child/style.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme-child/style.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/bb-theme-child/style.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 14 Dec 2021 05:58:15 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"61b83277-d2f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-50eb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 IP104.196.37.19:0
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-d53"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 16:13:12 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62ed4198-35e5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons.css?ver=1.0 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons.css?ver=1.0 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ptoffice-weather/css/weather-icons.css?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 16 Jun 2017 04:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"594363c6-7808"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/style.css?ver=1.0 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/style.css?ver=1.0 IP104.196.37.19:0
GET /wp-content/plugins/ptoffice-weather/css/style.css?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 16 Jun 2017 04:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"594363c6-55a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Mon, 09 May 2022 23:00:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62799d17-278b4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0 | 104.21.48.64 | 200 OK | 0 B |
URL HTTP/2tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0 IP104.21.48.64:0
GET /theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2F8WgKqNesWiqAZimdxZ7uoxxT0i41HC76WOJN0yJ0pRsHRaHdXpCda8vtAmkpCqxUACG8zwll8DXz0onNryg0lzs64IpxwVXQGIz3lr8BkDW%2FJXh4HPqNx2KmTeoj4kuDOktGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4af0afdb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 IP104.196.37.19:0
GET /wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 03 Dec 2021 16:38:31 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"61aa4807-761c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Mon, 09 May 2022 23:00:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62799d17-1da44"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/ | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/ IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET / HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-frame-options: sameorigin
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
referrer-policy: origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
link: <https://risdmuseumassociates.org/wp-json/>; rel="https://api.w.org/", <https://risdmuseumassociates.org/wp-json/wp/v2/pages/177>; rel="alternate"; type="application/json", <https://risdmuseumassociates.org/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://risdmuseumassociates.org/wp-json/tribe/events/v1/
x-tec-api-origin: https://risdmuseumassociates.org
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Sun, 15 May 2022 14:11:29 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62810a11-1f7d7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 IP104.196.37.19:0
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-636f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0 | 104.21.48.64 | 200 OK | 0 B |
URL HTTP/2tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0 IP104.21.48.64:0
GET /theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ytne9xMaekHP74%2BjOS5BC%2FEKsmJ6E2kSWEfT2ks4iJ4eVvGy4sJKJnSiH%2Bx4lEEZOYYxg0xYoBtRrq7m9Ru9IxZtfqA17XYeUAPwEg4DC9HX3VilTm7a1cgTzcsu31Qyk%2F3mezE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4af0aebb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons-wind.css?ver=1.0 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons-wind.css?ver=1.0 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ptoffice-weather/css/weather-icons-wind.css?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 16 Jun 2017 04:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"594363c6-23730"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-events-list-skeleton.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-events-list-skeleton.min.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/events-calendar-pro/src/resources/css/widget-events-list-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-280"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/uploads/sites/523/bb-theme/skin-63192642acdd2.css?ver=1.7.11 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/uploads/sites/523/bb-theme/skin-63192642acdd2.css?ver=1.7.11 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/uploads/sites/523/bb-theme/skin-63192642acdd2.css?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 23:16:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"63192642-10685"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit | 142.250.74.46 | 200 OK | 0 B |
URL HTTP/2translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit IP142.250.74.46:0
GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 15:14:07 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+249; expires=Thu, 12-Sep-2024 15:14:07 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-f9e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-full.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-full.min.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/the-events-calendar/src/resources/css/views-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-f30d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP104.196.37.19:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0 | 104.21.48.64 | 200 OK | 0 B |
URL HTTP/2tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0 IP104.21.48.64:0
GET /theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eI9v1D3xhoQxffIqMmpXF9KeVofZgUmGQtpQ4kIUzTAt5YGqlH5DEtDyUifYEM7VN4vyOXxTAzOQVjjj9vR%2Bqj%2BpcAAgJTeLWqgYvu8ObIJNPNZyTbxnvJrs6eCSKFmORM0xc38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4aefacfb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-featured-venue-skeleton.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-featured-venue-skeleton.min.css?ver=6.0.2 IP104.196.37.19:0
GET /wp-content/themes/bb-theme-child/overightfiles/widget-featured-venue-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 13 Oct 2021 12:40:59 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6166d3db-d8d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-2db"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151 IP104.196.37.19:0
GET /wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-1be"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/separate-login/css/seplog-style.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/separate-login/css/seplog-style.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/separate-login/css/seplog-style.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Mon, 18 Dec 2017 13:08:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"5a37bdb9-1406"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-35ba"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-shortcode-skeleton.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-shortcode-skeleton.min.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/events-calendar-pro/src/resources/css/widget-shortcode-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-5352"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-full.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-full.min.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/events-calendar-pro/src/resources/css/views-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-8f11"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.5 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.5 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-28f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=6.0.2 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-2505"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0 IP104.196.37.19:0
GET /wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-4de"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-shortcode-full.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-shortcode-full.min.css?ver=6.0.2 IP104.196.37.19:0
GET /wp-content/themes/bb-theme-child/overightfiles/widget-shortcode-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 13 Oct 2021 12:41:59 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6166d417-357f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151 IP104.196.37.19:0
GET /wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-8af"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-skeleton.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-skeleton.min.css?ver=6.0.2 IP104.196.37.19:0
GET /wp-content/plugins/the-events-calendar/src/resources/css/views-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-b804"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme/js/theme.js?ver=1.7.11 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme/js/theme.js?ver=1.7.11 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/themes/bb-theme/js/theme.js?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 16:12:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62ed4179-a630"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme-child/css/calender.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme-child/css/calender.css?ver=6.0.2 IP104.196.37.19:0
GET /wp-content/themes/bb-theme-child/css/calender.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Sat, 19 Jan 2019 07:19:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"5c42cf6d-643e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| tools.ptoffice.com/Content/kendo/scripts/kendo.web.min.js?ver=1383027151 | 104.21.48.64 | 200 OK | 0 B |
URL HTTP/2tools.ptoffice.com/Content/kendo/scripts/kendo.web.min.js?ver=1383027151 IP104.21.48.64:0
GET /Content/kendo/scripts/kendo.web.min.js?ver=1383027151 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 04 Dec 2014 12:20:19 GMT
etag: W/"803f2aabcfd01:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h39CXaK1jB31TWzx7FQw9EYAxk%2B6IEJRHy2UQ43%2BAKWXx2%2B9iQOglRqVlWitS5z1Efj%2Fw3i2Je5MiY02P4oWxOdvqNdlw0OuiRmx5VrhBa1%2FTAE6%2FrrdofUTRKDgbUp1ucugnIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a1d4af0aeab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
etag: W/"62f1c2a8-38"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 23:37:30 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6304133a-1eee"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.css?ver=2.5.5.5 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.css?ver=2.5.5.5 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.css?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-1ca3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-15db1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/widget-options/assets/css/widget-options.css | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/widget-options/assets/css/widget-options.css IP104.196.37.19:0
GET /wp-content/plugins/widget-options/assets/css/widget-options.css HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 00:10:40 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"630ff880-416"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11 IP104.196.37.19:0
GET /wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 16:12:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62ed4179-9b01"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-skeleton.min.css?ver=6.0.2 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-skeleton.min.css?ver=6.0.2 IP104.196.37.19:0
GET /wp-content/plugins/events-calendar-pro/src/resources/css/views-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-bd36"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|
| risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5 | 104.196.37.19 | 200 OK | 0 B |
URL HTTP/2risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5 IP104.196.37.19:0
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-e7a9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2
|
|