Report - risdmuseumassociates.org/

Report Overview

Submitted URL
risdmuseumassociates.org/
IP
104.196.37.19
ASN
#15169 GOOGLE
Submitted
2022-09-13 15:14:18
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.33.119.27
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.217.237.91
ptoffice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	848 B	104.196.37.19
translate.googleapis.com	1005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	4.6 kB	142.250.74.74
risdmuseumassociates.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	23 kB	140 kB	104.196.37.19
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	23 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
tools.ptoffice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	89 kB	104.21.48.64
stats.wpmucdn.com	40743	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	24 kB	151.139.242.7
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	807 B	92 kB	157.240.200.14
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	807 B	142.250.74.46
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.9 kB	93.184.220.29
stats1.wpmudev.com	32661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	699 B	224 B	3.135.11.48
translate-pa.googleapis.com	1620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	473 B	2.4 kB	142.250.74.106
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	841 B	4.4 kB	142.250.74.163
www.risdmuseumassociates.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	877 B	1.2 MB	104.196.37.19
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	54.230.245.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-13	medium	risdmuseumassociates.org/	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/css/style.css?ver=1383027151	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.css?ver=1383027151	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.css?ver=1383027151	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/themes/bb-theme-child/style.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons.css?ver=1.0	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11	Malware
2022-09-13	medium	risdmuseumassociates.org/	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons-wind.css?ver=1.0	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-events-list-skeleton.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/uploads/sites/523/bb-theme/skin-63192642acdd2.css?ver=1.7.11	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-full.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/separate-login/css/seplog-style.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-shortcode-skeleton.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-full.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.5	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=6.0.2	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/themes/bb-theme/js/theme.js?ver=1.7.11	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.css?ver=2.5.5.5	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-09-13	medium	risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	risdmuseumassociates.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 15:38:53 Times Seen31856 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5	42 kB	2023-03-07	2024-01-02
Pretty URL risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:03 Last Seen2024-01-02 19:12:17 Times Seen27 Hash 4f7a5b569bfb3e4f055def175d5abd68 1c7885ef929d98286117343a1c04c135105c49c2 bcfbaa1bc08ce706be55c41b31cbb698b30600147fd2d1425fa120824e9b2185 Loading...

	tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0	5.8 kB	2023-03-07	2023-03-07
Pretty URL tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0 IP 104.21.48.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash 6aece1aacbe3b2b6a9356365aba84ef7 9eddac9d34581a8ebec9ecb8915ea8ab3251e2d4 b8cd971d69dad545defad139127ee482d74fd8fbfabbc8129858e757ad83c133 Loading...

	http:srcdoc	1.2 kB	2023-03-07	2023-10-23
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2023-10-23 05:00:07 Times Seen4 Hash 1de62a4f326c081c49d5fdbb380837a9 2306f80fa6c73543b3af799b105ef6fc812d89d0 71a8551572997ad5c34fb5e73b002d5b1ce1d900c9e5453f1fe24dfb68bd6c13 Loading...

	risdmuseumassociates.org/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1	26 kB	2023-03-07	2024-04-25
Pretty URL risdmuseumassociates.org/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-25 18:37:13 Times Seen354 Hash 9c987714777529a5e2b4afd81a1f2f7f 8248ee40c640ae5c4afb9753c7e30176a3728038 6d4f84a86bb86352e951b6c9af87c3411920e6bdbc2f407b17af06e1ab5caaa4 Loading...

	risdmuseumassociates.org/	173 B	2023-03-07	2023-11-10
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-11-10 21:58:30 Times Seen3 Hash 62457344824bebfe436ba19a48233d82 2e4d6f5de9720177c39973045d0f5ec3efed071b 676b0a119014ff2bd5104936150e9735b7871597ce477385cf281e716b00013c Loading...

	risdmuseumassociates.org/	1.4 kB	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:33 Last Seen2024-04-26 15:37:45 Times Seen1945 Hash baa52dd43e0e29340348ae52a88fdcfd a85cd8502fafa4fb5cb0786c1ab1e6c0c957093e 49117ca60d8aeb4aa478d3541e09db31ce6fe2608ff7f96e9409239390e6b1bc Loading...

	stats.wpmucdn.com/analytics.js	70 kB	2023-03-07	2024-04-24
Pretty URL stats.wpmucdn.com/analytics.js IP 151.139.242.7 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:47 Last Seen2024-04-24 08:21:22 Times Seen2959 Hash 434f3d0418b4425917954bf073f4d262 1119ad5f14fe6a7ce2cc7bdaea72245d5e05c71a 0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-26
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 20:22:36 Times Seen14195 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	risdmuseumassociates.org/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11	40 kB	2023-03-07	2024-03-19
Pretty URL risdmuseumassociates.org/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:27 Last Seen2024-03-19 17:25:45 Times Seen374 Hash fc0af94d977ac3216f20e47dfdc70df1 d5f2dda59ef6af225996fa9f60f4f6bb6c6f37f9 d3b2f660b434b8f2c4c187adfe0f0b6ab4ebffdd99da232e6900112311d66798 Loading...

	risdmuseumassociates.org/	145 B	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-26 15:37:45 Times Seen3490 Hash 09c7a3dbfcd65973e5cbdb48c5460c07 086b7a4ac6632ec06f2f0e68f4ff3fcfc9a1c71c d81a9dc0c33559bfacc014a5216f454c40183312addc9623d3da987650cd56f3 Loading...

	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151	2.2 kB	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash 887a94c3c5732dae6778443a11775fec d6765bcc18ec7829cf805d36e323006a2feb7031 ae3172c3089a66a9eb1cedc9f8394004e41737fdae303aa06aa25fa0086cf343 Loading...

	risdmuseumassociates.org/	289 B	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash 0a1596fc7ba30cada8c58675b2b1927f ce80285a603b4a8c0c438ed6cdb67ec0b7daaf5b 17a297da1c3c197069ea6fd559bf945a2793634e0bf79a75ea1429f357290e54 Loading...

	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0	56 B	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash 0d68560047e3222ce8ce28de2103f09c 1fe9d469ff188da7333b202441b46f33284043ae 2b78c2ff3923c39922b089f350509f5ca628d62a4ac6895927298db7302dcbba Loading...

	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151	4.0 kB	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash 456921f98af7b22cdf42896eb1d4e49e 2e65a857833eddcfae5510be71fc04f19a6f330b 2bafd8e9ec5b5b2739812a3ac9a2a203e719b54b093feeaa4d2e4cc0d2ebb064 Loading...

	risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5	731 B	2023-03-07	2024-04-25
Pretty URL risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-25 11:20:17 Times Seen2329 Hash 97669983f6540f2badeef6ab07e5b637 b6f0084f6747da64cf24334b2c0027e57cbf7f23 fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7 Loading...

	risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2	1.8 kB	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-04-26 00:21:15 Times Seen753 Hash c2b558f7eda6aaf1803e917c62bd8ffe c187ecbee5605940d1c2541f567e528452d73cf9 fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb Loading...

	tools.ptoffice.com/Content/kendo/scripts/kendo.web.min.js?ver=1383027151	752 kB	2023-03-07	2023-03-07
Pretty URL tools.ptoffice.com/Content/kendo/scripts/kendo.web.min.js?ver=1383027151 IP 104.21.48.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash 8ccb378d28e5c533793967f1011ced82 bb70b30b3d602ef32b6a3f80d2f1959c35b98f79 0f1743a8a9a600b5ce370ba469e4692a65aecf2785f87d9bfaa1d8b39bd7b9e8 Loading...

	risdmuseumassociates.org/	658 B	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash dcadee7fc0e6ba11040c40e11cc0a2dd 113455a9a1a98329571a12010243dd51f7b42173 b0562645e0036856405bdd668177c642d5ee5987ea1eabf5d7257640e24dca79 Loading...

	tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0	1.3 kB	2023-03-07	2023-03-07
Pretty URL tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0 IP 104.21.48.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash 3142c4e14b176eabe0e88531ccf5a415 b8a81e1388252576b08b179329970a30710b8e7b 7b7b9056f2347fb89d6e9ff7c0f5521f15b72ba925e6e4a5408f1fe8090b4808 Loading...

	tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0	1.4 kB	2023-03-07	2023-03-07
Pretty URL tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0 IP 104.21.48.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash ed781bec584f3751f671964143a5bf68 1f67dacc53cc626516b320cd8d1bdb3d501ad827 01f9d6c59ecc308f3940347e55cab96e7ba1b0b531fb21e3e777bbe9134445e8 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.aNgHxNvBzn0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpQxgkulmS85uFkIizOp37qET_zcg/m=el_main	268 kB	2023-03-07	2023-03-07
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.aNgHxNvBzn0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpQxgkulmS85uFkIizOp37qET_zcg/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:29:38 Last Seen2023-03-07 16:56:51 Times Seen1 Hash d0eb4beb3d1b732a2f2270267e90b77f 86206c430a4f1eb663a30c899e0fed9f84d8c765 348ce379f003c95ba20fab375a131842ee3032db8bdd0c04e69be453c31b3ce8 Loading...

	risdmuseumassociates.org/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15	14 kB	2023-03-07	2024-04-25
Pretty URL risdmuseumassociates.org/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-04-25 20:11:40 Times Seen578 Hash 9ce2ef9c51d872136c9bd85bd5428ea8 4b4f270db4ec228296f5127f22df9a0b502cec84 37b945e5fe609563e83b37edcbfe3d18aac072a55fc8962978afdf597a3c4aa8 Loading...

	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0	1.2 kB	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:22 Last Seen2023-03-07 15:52:22 Times Seen1 Hash aa0b160920d5ecb59989c733ef415615 b93e0872606393d9165e9e1d6b5d68b00a69a533 553a54383cfff98415445ccc3c337dc3201875cf9aa0aa441c65170b668e7dca Loading...

	risdmuseumassociates.org/	72 B	2023-03-07	2024-03-14
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:04 Last Seen2024-03-14 01:03:01 Times Seen189 Hash 46dc272707f808a010d65270e350be87 ff0b024e575cd5217454cff3866870a8e3c6d061 029f3cf62854c4139b5392266d61b3e9ceec43cc74c113861e7e782cf5dfc2c4 Loading...

	risdmuseumassociates.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 21:27:40 Times Seen38069 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit	78 kB	2023-03-07	2023-03-07
Pretty URL translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:23 Last Seen2023-03-07 15:52:23 Times Seen1 Hash b7d8baad6826282d039c3ca4ccff75c3 a1b3941fe8f9a75cfb0bbefb06868602195f7825 7894101eb63cf10385d25884f047cdb91a6efa886f64fce9d1509f2223a7652c Loading...

	risdmuseumassociates.org/wp-content/themes/bb-theme/js/theme.js?ver=1.7.11	42 kB	2023-03-07	2023-10-15
Pretty URL risdmuseumassociates.org/wp-content/themes/bb-theme/js/theme.js?ver=1.7.11 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:23 Last Seen2023-10-15 12:38:48 Times Seen11 Hash c65121e3677feed5f6d7bc8216f8c48c 702821f6b80a75cf32e9decf21e7765eefcc451e 6941e0d9b89e34937e460ff6087491c728d4acec4c93fd683d786b2ea1ac1bd4 Loading...

	ptoffice.com/dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso	0 B	2023-03-07	2024-04-26
Pretty URL ptoffice.com/dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 21:43:44 Times Seen37101764 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0	1.3 kB	2023-03-07	2023-03-07
Pretty URL tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0 IP 104.21.48.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:23 Last Seen2023-03-07 15:52:23 Times Seen1 Hash 8739a73f0619037b182f5d14566021c9 6c1e04cee19f9a36f6beab1bd53c4e825bb52eab 457c3fa4c4a24e3842d7f30241ce1b0bc6370526c101214e1446091ab8ee83b5 Loading...

	risdmuseumassociates.org/	2.2 kB	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:23 Last Seen2023-03-07 15:52:23 Times Seen1 Hash 6075c5c0a3a24a9d13cfa90f2e073051 d0aeb4268817f41591a4936895d31392188a01eb e04743a2c60f933f5e2110812b3790c7e85ab069507fb4812aa264c68df2dd56 Loading...

	risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151	446 B	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:23 Last Seen2023-03-07 15:52:23 Times Seen1 Hash bec3599feadc557bdb7cc167fbc2f76b 171343934425834f64019b3b4c43cc46aaf978a8 5f4f341a9a5d953b5835bdbe7d642188a13ae59fca4e100fefb48fc5e37d7321 Loading...

	risdmuseumassociates.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	3.4 kB	2023-03-07	2024-04-25
Pretty URL risdmuseumassociates.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-25 18:37:12 Times Seen628 Hash 5c38aa6d5b98586ca2ba973ab8b4b6b1 8215983363ea0d74f99368336404b0d27217778f 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df Loading...

	risdmuseumassociates.org/	89 B	2023-03-07	2023-03-07
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:23 Last Seen2023-03-07 15:52:23 Times Seen1 Hash 8443307c8efa3d357c1dd181d94830b6 e240792c00307260db61aaadab9b265d211559c8 f3ced347b95072886ada709e4f0ca6b6bbcf6309bb3aa59c6e5d7cecf2c85788 Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.9	3.1 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.9 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:23 Last Seen2023-03-07 15:52:23 Times Seen1 Hash 8912d41b66485aa0ed48597f68c1b404 0b72f7b1a62ec2db0c2f4f7c949d74c4c828a7e9 5f3f62504ae4aec35f05d1a8f15ed7a9944d7875b0e80bc82320864d88863ae3 Loading...

	risdmuseumassociates.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-25
Pretty URL risdmuseumassociates.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:12 Times Seen3655 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	risdmuseumassociates.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 21:27:40 Times Seen68680 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	risdmuseumassociates.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1	7.9 kB	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1 IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-26 15:37:45 Times Seen373 Hash 2e174e70fb0a181bc5811025796c0a5d 5ee6f31e7f30110e1e5142b8a03407b5ed8ba2fd b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b Loading...

	risdmuseumassociates.org/	104 B	2023-03-07	2024-04-26
Pretty URL risdmuseumassociates.org/ IP 104.196.37.19 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-26 17:32:03 Times Seen4289 Hash 3217923b47c3b4f1720c42f8cc99b87f 951a09e9e5b98a7ac8d114e42a743e5d41cb5dfb 39aa079dbe6286ef5a74421f2ca2a4d1b8f13b1c1506e51f0635a2c434b1b286 Loading...

HTTP Transactions (91)

URL IP Response Size

risdmuseumassociates.org/

104.196.37.19

301 Moved Permanently

162 B

URL HTTP/1.1
risdmuseumassociates.org/
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 13 Sep 2022 15:14:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://risdmuseumassociates.org/

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 15:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1m2CsoX9gHCeAplggh4swLt0gT-SHzvoi8PO5IfnN77NrYOYJXuFhA==
Age: 321

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6358
Expires: Tue, 13 Sep 2022 17:00:05 GMT
Date: Tue, 13 Sep 2022 15:14:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wlhgtOZkvu_BBlYTmddm4QmX1lmrUqhg9fUTx3aLFAQdODwMQ-M0cA==
age: 38333
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 15:03:22 GMT
Expires: Tue, 13 Sep 2022 15:13:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8ngRoMErbaRiGFDQN_M5XGTITR3WTso6AV35tZrt3zP73F8COn5SAg==
Age: 645

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4965
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:07 GMT
Last-Modified: Tue, 13 Sep 2022 13:51:22 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/css/style.css?ver=1383027151

104.196.37.19

200 OK

1.1 kB

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/css/style.css?ver=1383027151
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
1.1 kB (1124 bytes)
Hash
bd2a42b2bb0f73dae6038523bfa51f4a
80ef28cb039ce8cc4f8a9916cbf64f10c05ae37d
45e9344d1f73788b6c437fcc8b8ebd647adcffc7ca38e9cb58d5e8f147c951b2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin//include/css/style.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-b6f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.217.237.91

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.217.237.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7B76YN1rmZQjyfOQSR298g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DRNgfMBo06WLa55eq4MIsWUlx5s=

risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=6.0.2

104.196.37.19

200 OK

4.6 kB

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38733), with no line terminators
Size
4.6 kB (4621 bytes)
Hash
3d69470d1da8bf24684673df6889e794
d656e69528801e106532f934b65899194e1d30cd
3fc0080ddc26724b73e834cd4b5856a9499a7cab37b5c8e3d1014d57ffd36208

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-974d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

ptoffice.com/dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso

104.196.37.19

200 OK

0 B

URL HTTP/2
ptoffice.com/dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dm-sso-endpoint/1663082042/?dm_action=domainmap-setup-cdsso HTTP/1.1
Host: ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:09 GMT
content-type: text/javascript; charset=UTF-8
content-length: 0
x-frame-options: sameorigin
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
referrer-policy: origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
pragma: no-cache
expires: Tue, 13 Sep 2022 15:16:09 GMT
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.css?ver=1383027151

104.196.37.19

200 OK

786 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.css?ver=1383027151
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
ASCII text, with CRLF line terminators
Size
786 B (786 bytes)
Hash
bbfcff4904727bbd2fd5b21a4c628564
ef86fb9bd677045c5fdb3a854f7c0e165fcb29cc
b6266059a94873efe4e238fccdfe263d81283dc77c9a2577626b93170be4b272

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-297"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5

104.196.37.19

200 OK

14 kB

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
14 kB (13496 bytes)
Hash
43402d12db3c6ea6f14cbbf0c64bf1f2
77712365c2b3f4db651f707d9aa75ec1a460402a
d22274a427e99fe21b5bb74409b7f58e029c73e75570e84f8e95b520e99c2e89

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.js?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-a352"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2

104.196.37.19

200 OK

1.2 kB

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (1781)
Size
1.2 kB (1218 bytes)
Hash
f72d816cc8ae24454014e2994b97556b
682fd6ac73bcd9f6f511fb497d8083005b826c62
a27a90e9d70f4236afd2641484c1ba81bc536163e4b70b5d930fa066d44bc746

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-6f6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6423
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 15:14:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6423
Expires: Tue, 13 Sep 2022 17:01:12 GMT
Date: Tue, 13 Sep 2022 15:14:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9945 bytes)
Hash
c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 63109
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10849 bytes)
Hash
838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 63111
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.css?ver=1383027151

104.196.37.19

200 OK

9.3 kB

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.css?ver=1383027151
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
ASCII text, with CRLF line terminators
Size
9.3 kB (9335 bytes)
Hash
153bb278029fc25d24271ecf40de5225
08614d6f2d07c2b9f003a4a5691cb115b38f1df2
8306d69d69a5ccc9314dd7d0877f98e16b849d1f52e9c8e6c583ac16c9b9affd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-7f8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/css/widget_custom.css?ver=1383027151

104.196.37.19

200 OK

10 kB

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/css/widget_custom.css?ver=1383027151
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
10 kB (10211 bytes)
Hash
5e595c56d2c88ac4e78c5ca74755baf9
a07c169eb2ce03bd93c463d7958e8f5c9c9a3cc6
89031f4d3904171b605fdf3e1c45cdcca9fbcd0b162261cb875b7c5261f615dd

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin/include/modules/membersearch/css/widget_custom.css?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-3ac"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

tools.ptoffice.com/theme/admin/template_content/assets/css/mjs-pto-findafriend-widget.css?ver=1383027151

104.21.48.64

200 OK

10 kB

URL HTTP/2
tools.ptoffice.com/theme/admin/template_content/assets/css/mjs-pto-findafriend-widget.css?ver=1383027151
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
10 kB (10314 bytes)
Hash
f7f5c6c93f438012e61b151a0cdd3dbf
98f1967480eb72ec3a7de9efb4331574079586f3
dda98b7b70738098c35fb330ca95c55812bcad8072bb590bd9cc39ba74b1f401

HTTP Headers

GET /theme/admin/template_content/assets/css/mjs-pto-findafriend-widget.css?ver=1383027151 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: text/css
last-modified: Tue, 16 Oct 2018 09:37:49 GMT
etag: W/"8014c5e63365d41:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLLiPF0emKDnkFkzt%2BVC0LlrKGtTEspfOHNPnW0aUIHPinH3suRBZZJb92MTSkE3BKMilVqWcTFSgKgm6JRSg%2BroJ6bBxPpd1sOV1wH32kkX11UkJhU%2BqjG45wqoKNm4Fa6LlX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a1d4aefad8b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tools.ptoffice.com/Content/kendo/kendo.default.min.css?ver=1.0

104.21.48.64

200 OK

12 kB

URL HTTP/2
tools.ptoffice.com/Content/kendo/kendo.default.min.css?ver=1.0
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27470), with CRLF line terminators
Size
12 kB (12522 bytes)
Hash
8e9388b4961760b6f274c58eec2e9406
abb9365e4fe28ad289fbf357fe8668f4bc38ccfb
0a2693df19521cee617babc74992ae02b1734a021ced28245a7b66227af95c64

HTTP Headers

GET /Content/kendo/kendo.default.min.css?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: text/css
last-modified: Thu, 04 Dec 2014 12:20:20 GMT
etag: W/"09a8aabbcfd01:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziD%2BXv17yqMGsaUh4gVDEgJntLsfOgVcbv6NQX%2BLoYdsjYiMbFkc2dAXdrw3xegnHW3TAIyeT2mVmkfflIFhz3p9SPCfjJy%2F%2Bjl87T9dw6VKXZkN3DYQVnJ5N%2Bkh1Nx%2Bd0xAvyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4af0ae8b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
56f5c94138033dc05d4103684d6d04ca
fad3bb4b18857d1ecb1aa0048ec5928c5320c6df
81f710c1615192b0d7b57902c88e3c225d5e62863ea0379d4c06f76709da32a4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2191
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:09 GMT
Last-Modified: Tue, 13 Sep 2022 14:37:39 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

stats.wpmucdn.com/analytics.js

151.139.242.7

200 OK

24 kB

URL HTTP/2
stats.wpmucdn.com/analytics.js
IP
151.139.242.7:0
ASN
#12989 StackPath LLC

File type
ASCII text, with very long lines (1925)
Size
24 kB (23826 bytes)
Hash
66e020f73ca2ccdcb4ef1b1454e13b98
7c2d30bf730690ed2437db725f3c4de9ca9a9d11
45ec0d06a35d0b222d6d267005f6dce0507055f419aeb22a16b3035e49a7c576

HTTP Headers

GET /analytics.js HTTP/1.1
Host: stats.wpmucdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:09 GMT
content-type: application/javascript
content-length: 23826
last-modified: Thu, 10 Feb 2022 17:56:53 GMT
etag: "620551e5-1131c"
expires: Fri, 08 Sep 2023 15:13:48 GMT
cache-control: max-age=31104000
content-encoding: gzip
vary: Accept-Encoding
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0

104.21.48.64

200 OK

2.6 kB

URL HTTP/2
tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
2.6 kB (2602 bytes)
Hash
402ebbc3f069d31204e2f716dd222186
0b399f976268bebaf6d02339b739a65d9f4bedac
0e31b256006558dc1f76813c6b2d6a482aa68f6bfdaa1f5c23c32354fc1e24d0

HTTP Headers

GET /theme/admin/template_content/assets/scripts/mjs-pto-findafriend-widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHjBdBm73XM0xdxGDieN3Ynw%2FzDjYxPYcjYkvuOxdNNaDFMDWJLJPBxA3PxNIk%2FENmey1tWBKjhD5C8sdgFxuLShKGtYbkp3qoL7cBFNjBBi5bBAgj%2FduzVOnSEggjnH5cVyYG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4aefad2b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.74

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18670)
Size
3.6 kB (3619 bytes)
Hash
897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 14:20:37 GMT
expires: Tue, 13 Sep 2022 15:20:37 GMT
cache-control: public, max-age=3600
age: 3212
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2

104.196.37.19

200 OK

78 kB

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:09 GMT
content-type: font/woff2
content-length: 78268
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
etag: "631887a4-131bc"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2975bff789fff402ed8a43784cd15293
0337bc68de70f5254f73759397b23ff3bb8d2476
c42d280b188d04963a92c490f66e588fe90790de33172f52508e3e0816ab0f32

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:14:09 GMT
Last-Modified: Tue, 13 Sep 2022 14:06:16 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 28Fxnvor-REMji2VyC54QuUBvAG7oDdWpjm55iHsF77U85WCG1Burw==
Age: 4074

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
167378beef2e1b0dafefbdc6210752c2
afbdff67a5647b04de65499da7d2d00cc21eb808
1dfe3c3aa34673799955912c86f82ccf81a1110cd82058241e2e85fb84e5caa7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1215
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/sdk.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1687 bytes)
Hash
fbe3ed78a815a9ce2c079bf78afdaa2f
b96f33fceae6815bef27fa028483afad96539ef4
ca7604aea565da1c3224b5afd877c2306f1b74adc9d3c357d701430d5598bb72

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8912d41b66485aa0ed48597f68c1b404
etag: "b11905cf94a1513ce572c0c38b5a5d3f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 13 Sep 2022 15:23:59 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ++PteKgVqc4sB5v3iv2qLw==
x-fb-debug: B0wRE8XEf7iMyb7v5NUrPK203qgF/+ScVaibW9Brxurq/teNYyNGJm3XH9uX5sqW8HbOVchLH0DiUpcxPqRWWQ==
content-length: 1687
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 15:14:10 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
167378beef2e1b0dafefbdc6210752c2
afbdff67a5647b04de65499da7d2d00cc21eb808
1dfe3c3aa34673799955912c86f82ccf81a1110cd82058241e2e85fb84e5caa7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1215
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

stats1.wpmudev.com/track/?action_name=523%2FRISD%20Museum%20Associates%20%E2%80%93%20Just%20another%20PTOffice%20site&idsite=90723&rec=1&r=190655&h=15&m=13&s=56&url=https%3A%2F%2Frisdmuseumassociates.org%2F&_id=493e7406dab493d8&_idts=1663082037&_idvc=1&_idn=1&_refts=0&_viewts=1663082037&send_image=1&cookie=1&res=1280x1024&gt_ms=226&pv_id=YjinHu

3.135.11.48

200 OK

43 B

URL HTTP/2
stats1.wpmudev.com/track/?action_name=523%2FRISD%20Museum%20Associates%20%E2%80%93%20Just%20another%20PTOffice%20site&idsite=90723&rec=1&r=190655&h=15&m=13&s=56&url=https%3A%2F%2Frisdmuseumassociates.org%2F&_id=493e7406dab493d8&_idts=1663082037&_idvc=1&_idn=1&_refts=0&_viewts=1663082037&send_image=1&cookie=1&res=1280x1024&gt_ms=226&pv_id=YjinHu
IP
3.135.11.48:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /track/?action_name=523%2FRISD%20Museum%20Associates%20%E2%80%93%20Just%20another%20PTOffice%20site&idsite=90723&rec=1&r=190655&h=15&m=13&s=56&url=https%3A%2F%2Frisdmuseumassociates.org%2F&_id=493e7406dab493d8&_idts=1663082037&_idvc=1&_idn=1&_refts=0&_viewts=1663082037&send_image=1&cookie=1&res=1280x1024&gt_ms=226&pv_id=YjinHu HTTP/1.1
Host: stats1.wpmudev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: image/gif
content-length: 43
server: nginx
cache-control: no-store
content-encoding: none
X-Firefox-Spdy: h2

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.106

200 OK

1.4 kB

URL HTTP/2
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 15:14:10 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 15:14:10 GMT
set-cookie: NID=511=XQOmQhWpS0PjPX0BzRWoVUM1JG36k1kFjcysPhYyy1EJUtJCzG3iB3O8Sx4uTY_M-9tRtyCmJL2MVVs4JdDnw-X3CknEVNzZESfPGmPvQSkDOgYTtY6vNpeJvbTe6vmzFlqCJKd6DzSyIF1m9Iq210sKvrGX4R9xCJW9MIONGx0; expires=Wed, 15-Mar-2023 15:14:10 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+179; expires=Thu, 12-Sep-2024 15:14:10 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

risdmuseumassociates.org/favicon.ico

104.196.37.19

404 Not Found

942 B

URL HTTP/2
risdmuseumassociates.org/favicon.ico
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
942 B (942 bytes)
Hash
14e8ab47830463053debf61131d50883
a3bed2626c03e9e38087af506c91bd9f47f5dfc4
3ad7a180974a11191bcef536736ee062a33f4c4bf7f7c9e8b4ae52d128918c05

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Cookie: _pk_id.90723.9f30=493e7406dab493d8.1663082037.1.1663082037.1663082037.; _pk_ses.90723.9f30=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.163

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 14:55:54 GMT
expires: Wed, 13 Sep 2023 14:55:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.163

200 OK

910 B

URL HTTP/2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 10:47:28 GMT
expires: Tue, 12 Sep 2023 10:47:28 GMT
cache-control: public, max-age=31536000
age: 102402
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/sdk.js?hash=c9cdc3411896fb15c50bfd680f185e70

157.240.200.14

200 OK

88 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js?hash=c9cdc3411896fb15c50bfd680f185e70
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (18460)
Size
88 kB (87981 bytes)
Hash
8a7f24642f2f5e47577eb9684c6a662a
e41348f6eab56c4d4556595e7948478163fc0f6b
5ce527b800622efb784e25510ce57d1c3c9c77ea64276bf8595ed465f7924331

HTTP Headers

GET /en_US/sdk.js?hash=c9cdc3411896fb15c50bfd680f185e70 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://risdmuseumassociates.org
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a50e215af9770459e685d875d407ab59
etag: "e8b6d6257a14a52638d5a5fbe0419617"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 13 Sep 2023 10:20:03 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: in8kZC8vXkdXfrloTGpmKg==
x-fb-debug: Gn2Hrz507iNFBLLv8e+sc/6X7G2XUWeer+g8qk1XlkHZfOXhqjr6RJ4tsm6ZMahohNk+OaMahq0bYmIwBDPMhg==
content-length: 87981
x-fb-trip-id: 1679558926
date: Tue, 13 Sep 2022 15:14:10 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tools.ptoffice.com/Content/kendo/kendo.common.min.css?ver=1383027151

104.21.48.64

200 OK

58 kB

URL HTTP/2
tools.ptoffice.com/Content/kendo/kendo.common.min.css?ver=1383027151
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65081), with CRLF line terminators
Size
58 kB (57630 bytes)
Hash
b4fb5304f1c983f21b16c4b2775aaf28
5af53a5dc727c1bd04dbf04eba69e69744d69c2d
557294bbfaf0034052a9bc955cd0cd068f813f0b10902c4a52d0e2a260a3b2d9

HTTP Headers

GET /Content/kendo/kendo.common.min.css?ver=1383027151 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: text/css
last-modified: Thu, 04 Dec 2014 12:20:20 GMT
etag: W/"09a8aabbcfd01:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKxxkLEMVAw5iSqReHwyiJNue7Dci0eN3Bjb1KTpns5dKFNFF%2FnSD5MVaoPlxrd8MaskkyWKUA1PFXHDx8cR9EolHkcp8cZMnzHOHZJzcnNmcm4pl%2BZAyOuTQNBtiOMRXslfxfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a1d4aefabcb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.risdmuseumassociates.org/wp-content/uploads/sites/523/2021/04/Garden_17-05-12_84.jpg

104.196.37.19

200 OK

1.2 MB

URL HTTP/2
www.risdmuseumassociates.org/wp-content/uploads/sites/523/2021/04/Garden_17-05-12_84.jpg
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, manufacturer=Phase One, model=IQ3 100MP, xresolution=130, yresolution=138, resolutionunit=2, software=Adobe Photoshop Lightroom 5.6 (Windows), datetime=2017:06:01 15:12:09], baseline, precision 8, 1024x768, components 3\012- data
Size
1.2 MB (1203496 bytes)
Hash
681c4c3c936b8152d14a69acc581e869
460e6cf26ebb97fcc73e720b8ad985867cbb4c36
3ecd6fcd0d5cbe8879992dd28bfc7c84b57345d22aa9a35d05f9048f174cab58

HTTP Headers

GET /wp-content/uploads/sites/523/2021/04/Garden_17-05-12_84.jpg HTTP/1.1
Host: www.risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: image/jpeg
content-length: 1203496
last-modified: Tue, 13 Apr 2021 00:52:58 GMT
etag: "6074eb6a-125d28"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

www.risdmuseumassociates.org/wp-content/plugins/bb-plugin/img/pixel.png

104.196.37.19

200 OK

110 B

URL HTTP/2
www.risdmuseumassociates.org/wp-content/plugins/bb-plugin/img/pixel.png
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
110 B (110 bytes)
Hash
e51232cf9fc8dd7b4756cbe34f3be9cc
f13437b71cb9ed4c88b819c0c4c5c328a75ba022
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

HTTP Headers

GET /wp-content/plugins/bb-plugin/img/pixel.png HTTP/1.1
Host: www.risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:10 GMT
content-type: image/png
content-length: 110
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
etag: "631887a4-6e"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme-child/style.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme-child/style.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme-child/style.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Tue, 14 Dec 2021 05:58:15 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"61b83277-d2f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-50eb"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-d53"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.15 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 16:13:12 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62ed4198-35e5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons.css?ver=1.0

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons.css?ver=1.0
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ptoffice-weather/css/weather-icons.css?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 16 Jun 2017 04:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"594363c6-7808"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/style.css?ver=1.0

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/style.css?ver=1.0
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/ptoffice-weather/css/style.css?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 16 Jun 2017 04:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"594363c6-55a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/css/bootstrap-4.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Mon, 09 May 2022 23:00:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62799d17-278b4"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0

104.21.48.64

200 OK

0 B

URL HTTP/2
tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /theme/admin/template_content/assets/scripts/mjs_pto_store_grid_widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2F8WgKqNesWiqAZimdxZ7uoxxT0i41HC76WOJN0yJ0pRsHRaHdXpCda8vtAmkpCqxUACG8zwll8DXz0onNryg0lzs64IpxwVXQGIz3lr8BkDW%2FJXh4HPqNx2KmTeoj4kuDOktGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4af0afdb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.9 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 03 Dec 2021 16:38:31 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"61aa4807-761c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/css/bootstrap.min.css?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Mon, 09 May 2022 23:00:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62799d17-1da44"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-frame-options: sameorigin
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
referrer-policy: origin-when-cross-origin
permissions-policy: accelerometer=(self), autoplay=(self), camera=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self)
link: <https://risdmuseumassociates.org/wp-json/>; rel="https://api.w.org/", <https://risdmuseumassociates.org/wp-json/wp/v2/pages/177>; rel="alternate"; type="application/json", <https://risdmuseumassociates.org/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://risdmuseumassociates.org/wp-json/tribe/events/v1/
x-tec-api-origin: https://risdmuseumassociates.org
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/google-language-translator/css/style.css?ver=6.0.15 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Sun, 15 May 2022 14:11:29 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62810a11-1f7d7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-636f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0

104.21.48.64

200 OK

0 B

URL HTTP/2
tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /theme/admin/template_content/assets/scripts/mjs_pto_signup_grid_widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ytne9xMaekHP74%2BjOS5BC%2FEKsmJ6E2kSWEfT2ks4iJ4eVvGy4sJKJnSiH%2Bx4lEEZOYYxg0xYoBtRrq7m9Ru9IxZtfqA17XYeUAPwEg4DC9HX3VilTm7a1cgTzcsu31Qyk%2F3mezE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4af0aebb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons-wind.css?ver=1.0

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-weather/css/weather-icons-wind.css?ver=1.0
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ptoffice-weather/css/weather-icons-wind.css?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 16 Jun 2017 04:51:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"594363c6-23730"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-events-list-skeleton.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-events-list-skeleton.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/events-calendar-pro/src/resources/css/widget-events-list-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-280"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/uploads/sites/523/bb-theme/skin-63192642acdd2.css?ver=1.7.11

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/uploads/sites/523/bb-theme/skin-63192642acdd2.css?ver=1.7.11
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/sites/523/bb-theme/skin-63192642acdd2.css?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 23:16:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"63192642-10685"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

142.250.74.46

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 15:14:07 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+249; expires=Thu, 12-Sep-2024 15:14:07 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin//include/js/script.js?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-f9e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-full.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-full.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/the-events-calendar/src/resources/css/views-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-f30d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0

104.21.48.64

200 OK

0 B

URL HTTP/2
tools.ptoffice.com/theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /theme/admin/template_content/assets/scripts/mjs_pto_fundraiser_grid_widget.js?ver=1.0 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 22 Jun 2017 13:15:55 GMT
etag: W/"8077f0ad59ebd21:0"
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eI9v1D3xhoQxffIqMmpXF9KeVofZgUmGQtpQ4kIUzTAt5YGqlH5DEtDyUifYEM7VN4vyOXxTAzOQVjjj9vR%2Bqj%2BpcAAgJTeLWqgYvu8ObIJNPNZyTbxnvJrs6eCSKFmORM0xc38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a1d4aefacfb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-featured-venue-skeleton.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-featured-venue-skeleton.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/bb-theme-child/overightfiles/widget-featured-venue-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 13 Oct 2021 12:40:59 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6166d3db-d8d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-2db"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin/include/modules/facebook/includes/scripts/facebook.js?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-1be"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/separate-login/css/seplog-style.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/separate-login/css/seplog-style.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/separate-login/css/seplog-style.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Mon, 18 Dec 2017 13:08:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"5a37bdb9-1406"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-35ba"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-shortcode-skeleton.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/widget-shortcode-skeleton.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/events-calendar-pro/src/resources/css/widget-shortcode-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-5352"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-full.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-full.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/events-calendar-pro/src/resources/css/views-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-8f11"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.5

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.5
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=5.14.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-28f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/the-events-calendar/common/src/resources/css/variables-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-2505"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin/include/modules/groups/includes/groups.js?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-4de"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-shortcode-full.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme-child/overightfiles/widget-shortcode-full.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/bb-theme-child/overightfiles/widget-shortcode-full.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 13 Oct 2021 12:41:59 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6166d417-357f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin/include/modules/membersearch/js/custom-admin.js?ver=1383027151 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62f1c2a8-8af"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-skeleton.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/the-events-calendar/src/resources/css/views-skeleton.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/the-events-calendar/src/resources/css/views-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:39:37 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b49-b804"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme/js/theme.js?ver=1.7.11

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme/js/theme.js?ver=1.7.11
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/bb-theme/js/theme.js?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 16:12:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62ed4179-a630"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme-child/css/calender.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme-child/css/calender.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/bb-theme-child/css/calender.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Sat, 19 Jan 2019 07:19:09 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"5c42cf6d-643e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

tools.ptoffice.com/Content/kendo/scripts/kendo.web.min.js?ver=1383027151

104.21.48.64

200 OK

0 B

URL HTTP/2
tools.ptoffice.com/Content/kendo/scripts/kendo.web.min.js?ver=1383027151
IP
104.21.48.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Content/kendo/scripts/kendo.web.min.js?ver=1383027151 HTTP/1.1
Host: tools.ptoffice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://risdmuseumassociates.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:14:08 GMT
content-type: application/javascript
last-modified: Thu, 04 Dec 2014 12:20:19 GMT
etag: W/"803f2aabcfd01:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h39CXaK1jB31TWzx7FQw9EYAxk%2B6IEJRHy2UQ43%2BAKWXx2%2B9iQOglRqVlWitS5z1Efj%2Fw3i2Je5MiY02P4oWxOdvqNdlw0OuiRmx5VrhBa1%2FTAE6%2FrrdofUTRKDgbUp1ucugnIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a1d4af0aeab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ptoffice-plugin/include/modules/audience/includes/audience.js?ver=1.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 02:12:56 GMT
etag: W/"62f1c2a8-38"
cache-control: public, max-age=31536000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.11.1 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 23:37:30 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6304133a-1eee"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.css?ver=2.5.5.5

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.css?ver=2.5.5.5
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.css?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-1ca3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Wed, 27 Jul 2022 01:43:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62e0982f-15db1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/widget-options/assets/css/widget-options.css

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/widget-options/assets/css/widget-options.css
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/widget-options/assets/css/widget-options.css HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 00:10:40 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"630ff880-416"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: application/javascript
last-modified: Fri, 05 Aug 2022 16:12:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62ed4179-9b01"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-skeleton.min.css?ver=6.0.2

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/events-calendar-pro/src/resources/css/views-skeleton.min.css?ver=6.0.2
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/events-calendar-pro/src/resources/css/views-skeleton.min.css?ver=6.0.2 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Fri, 09 Sep 2022 00:38:50 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631a8b1a-bd36"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5

104.196.37.19

200 OK

0 B

URL HTTP/2
risdmuseumassociates.org/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5
IP
104.196.37.19:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/css/all.min.css?ver=2.5.5.5 HTTP/1.1
Host: risdmuseumassociates.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://risdmuseumassociates.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:14:07 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 11:59:32 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"631887a4-e7a9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations