r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4093
Expires: Sat, 24 Sep 2022 05:46:20 GMT
Date: Sat, 24 Sep 2022 04:38:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
18.164.68.8200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 04:05:32 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f33cf28b2f4af4733ccec76b9bf56bc6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: LSmSf34TwhwnD85c7fj5S18yt09jSZpuuo1N4DBQRmQtjmz9iSXtuQ==
Age: 1955
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: OUofr1v7EwlAXs-WM5RJNXQ9lI3qp67R01rCiccs2-HQXyhU8buWKA==
age: 1504
X-Firefox-Spdy: h2
goodworkers.org/
160.119.252.7301 Moved Permanently 0 B IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-redirect-by: WordPress
location: https://goodworkers.org/
x-litespeed-cache: hit
content-length: 0
date: Sat, 24 Sep 2022 04:38:07 GMT
server: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 04:38:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.8200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.8:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 04:20:46 GMT
Expires: Sat, 24 Sep 2022 04:41:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 af877631d7eceee4a5878c04d25f5986.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: er_IZ4ympZeJQVg-2Df98tKY_li_o9po30kvCfLkeH06XxT3faRlpA==
Age: 1041
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1684
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:08 GMT
Last-Modified: Sat, 24 Sep 2022 04:10:04 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5JQIhBK2ZwX0zYCn2vk++w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QtFCuiQCPXKKP7dfexd1C0sO8qk=
goodworkers.org/
160.119.252.7200 OK 19 kB IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 5bccb0b71f6e419d35f7f033c9db3853
5c1ce93fe7675b5c5b5d42f92b579de6b503a903
4d7a4b2ac8afe7c4ac6cdace1793540d82c1bb415a6fd2eeba7338ad95b3b489
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://goodworkers.org/wp-json/>; rel="https://api.w.org/", <https://goodworkers.org/wp-json/wp/v2/pages/983>; rel="alternate"; type="application/json", <https://goodworkers.org/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://goodworkers.org/wp-json/tribe/events/v1/
x-tec-api-origin: https://goodworkers.org
etag: "270-1663755200;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 19278
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?key=AIzaSyDOkqN917F-V3B3BdilLSiO8AgmBy4sZaU&ver=6.0.2
142.250.74.138200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyDOkqN917F-V3B3BdilLSiO8AgmBy4sZaU&ver=6.0.2
IP 142.250.74.138:0
File type ASCII text, with very long lines (2453)
Hash 760e74651c022f3ad15eb8f2e4ac81ed
31270ce949e581865b68cb2918bb31e87036a8c5
d718bb8078d6664dabebdd4f260d6a00673539383404827fe5fc480d0095bd71
GET /maps/api/js?key=AIzaSyDOkqN917F-V3B3BdilLSiO8AgmBy4sZaU&ver=6.0.2 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sat, 24 Sep 2022 04:38:08 GMT
expires: Sat, 24 Sep 2022 05:08:08 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54037
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
goodworkers.org/wp-content/plugins/unyson/framework/static/libs/linecons/css/linecons.css?ver=2.7.26
160.119.252.7200 OK 53 kB URL HTTP/2 goodworkers.org/wp-content/plugins/unyson/framework/static/libs/linecons/css/linecons.css?ver=2.7.26
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65421)
Hash fe7e1ae9a79a768c95449544e386510f
3eb6cdc6bc3a1886a0f7dd8c2def4ab5722b6912
9d5edc62ea70687b4cd01d4b7c12278225b144015b45498de883a6a83e0cd625
GET /wp-content/plugins/unyson/framework/static/libs/linecons/css/linecons.css?ver=2.7.26 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:16:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 53284
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.26
160.119.252.7200 OK 6.7 kB URL HTTP/2 goodworkers.org/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.26
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
GET /wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.26 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:16:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?rev=6.2.23
160.119.252.7200 OK 44 kB URL HTTP/2 goodworkers.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?rev=6.2.23
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 4fabca2522b46655d66e80a8e0f51b99
90deed5fcafb260dceec850841a335d883072967
1b8b3b55102a08e2bf87c5a743baf2a24da44ce11a2da488a8afaa1fdf77134c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?rev=6.2.23 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 43687
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/uploads/2017/07/student-drug.jpg
160.119.252.7200 OK 87 kB URL HTTP/2 goodworkers.org/wp-content/uploads/2017/07/student-drug.jpg
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=2013 Getty Images], baseline, precision 8, 1000x667, components 3\012- data
Hash d8a7b97ef18cbeb87b751d8cb67f389c
0192f9b2b8b05cd81b8e094c1238f9a9573aa40b
19417d3fe2ff18115572fe658d7451d4abef8448dd7247579ec415114bdd784e
GET /wp-content/uploads/2017/07/student-drug.jpg HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: image/jpeg
last-modified: Fri, 26 Mar 2021 12:39:39 GMT
accept-ranges: bytes
content-length: 86741
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/uploads/2020/12/GMI_LOGO-removebg-preview.png
160.119.252.7200 OK 15 kB URL HTTP/2 goodworkers.org/wp-content/uploads/2020/12/GMI_LOGO-removebg-preview.png
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type PNG image data, 91 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash b83804a78643882025df29ecde9ea251
6beffd6c1c7a3f552dc2b45846ed7f28e2447472
7c52e8d604baa78d267e9aa8cdcc33c3702bd0ed8bd901a11c842c7e5c3d7d9b
GET /wp-content/uploads/2020/12/GMI_LOGO-removebg-preview.png HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: image/png
last-modified: Fri, 26 Mar 2021 12:39:42 GMT
accept-ranges: bytes
content-length: 15411
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/unyson/framework/static/libs/entypo/css/entypo.css?ver=2.7.26
160.119.252.7200 OK 3.0 kB URL HTTP/2 goodworkers.org/wp-content/plugins/unyson/framework/static/libs/entypo/css/entypo.css?ver=2.7.26
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash cf4f094da7d8f97c7619d0fc50252bb8
6069302411d64dd1c2005de7befec73ddb219c63
03374dcf21d4e4d2cf766978a038ede8a89e5750c11612d01771e5428ac85b29
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/unyson/framework/static/libs/entypo/css/entypo.css?ver=2.7.26 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:16:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3021
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/unyson/framework/static/libs/lnr/css/lnr.css?ver=2.7.26
160.119.252.7200 OK 1.5 kB URL HTTP/2 goodworkers.org/wp-content/plugins/unyson/framework/static/libs/lnr/css/lnr.css?ver=2.7.26
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (7191)
Hash 9a32fe39327fc394b96c099fbedcb07d
183fe886ceaff8ff02a76b4727c43ea126f6f2ce
56096e62beba3bd5c8ee4dc50bc94bec90beab22fa3670f09cdb1ef91abf01c6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/unyson/framework/static/libs/lnr/css/lnr.css?ver=2.7.26 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:16:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1517
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/unyson/framework/static/libs/typcn/css/typcn.css?ver=2.7.26
160.119.252.7200 OK 3.3 kB URL HTTP/2 goodworkers.org/wp-content/plugins/unyson/framework/static/libs/typcn/css/typcn.css?ver=2.7.26
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash 26a12c2e00603f85af0d3e41c7f435f1
bad3eb510d4e60076146bd7a549c44ca76a9fac1
96f2fd5bbe7b748d8c4d6b459cd8bfab4923a211cb79fcbe4b643ef7d918213d
GET /wp-content/plugins/unyson/framework/static/libs/typcn/css/typcn.css?ver=2.7.26 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:16:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3295
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.2
160.119.252.7200 OK 8.3 kB URL HTTP/2 goodworkers.org/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (7136)
Hash 2276f1dfaeb6963c36a075efb85d07dc
6609f3c071a7afb2455de0cfc751a7d4a4b151d7
aa2e278c1c4421018fa89c4545e0d879766580049bae12a4e3eb21d5a4fe9c44
GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8298
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.2
160.119.252.7200 OK 2.1 kB URL HTTP/2 goodworkers.org/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash ccae4785f1c22d34b6cb43678a59a870
991d1d81a198c71dd8e3134f8b3ae96f1e7622c4
d87b51808468c3b8db2920cfd065562dbdd0b18f8944a0755decf21fa554ee38
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2124
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
160.119.252.7200 OK 11 kB URL HTTP/2 goodworkers.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 19:04:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/give/assets/dist/css/give.css?ver=2.21.0
160.119.252.7200 OK 13 kB URL HTTP/2 goodworkers.org/wp-content/plugins/give/assets/dist/css/give.css?ver=2.21.0
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (57886)
Hash 1f73b130decb39cd00decd63fb727812
ade1649c3944d976e3308e5d09cb470dc61b039d
38e0711675e6d56fa5968ff09d208c055fa7e27289fa20e5fdcd1d7db413ff5f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/give/assets/dist/css/give.css?ver=2.21.0 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13227
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
160.119.252.7200 OK 12 kB URL HTTP/2 goodworkers.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 7cf1a82356797e33772aa878ac5e494c
c55136905a7f9bb658bd8838d309a86eb4d97558
7578387996db1a0b0408038de76795ff3b1688ac9d42687060f32ed991a375bc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.23 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12088
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/newsletter/style.css?ver=7.4.6
160.119.252.7200 OK 1.2 kB URL HTTP/2 goodworkers.org/wp-content/plugins/newsletter/style.css?ver=7.4.6
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash b1f57401bb14035bb9d6c84326a45742
fc39487b307fc1594feee39c4c3db6da38ab3da6
6eecefac5ed2c1138220ad356402061c558e48bc91f6c2253b523fba8942151b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/newsletter/style.css?ver=7.4.6 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:10:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1187
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/give/assets/dist/css/give-donation-summary.css?ver=2.21.0
160.119.252.7200 OK 465 B URL HTTP/2 goodworkers.org/wp-content/plugins/give/assets/dist/css/give-donation-summary.css?ver=2.21.0
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (2040), with no line terminators
Hash 185f1e97cc39471d061069c390549731
efa811a604fed550eddb8a632ac1c1f0b778a420
45db2851c98e3f6e401fcda75015c95f2ce4886889b1ce23f94385d266b819d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/give/assets/dist/css/give-donation-summary.css?ver=2.21.0 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 465
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
160.119.252.7200 OK 848 B URL HTTP/2 goodworkers.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:32:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/css/font-awesome.css?ver=6.1
160.119.252.7200 OK 6.2 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/css/font-awesome.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (28596)
Hash 8f61cc00f776591ec513a82cca84c326
1958b9477b54dd79cb67dd95fd87df8e6eac685f
2c06783cd9a669f15cbb46a26c2b8e8d25e16d964d9afd44936f8254e9d86453
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/css/font-awesome.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6212
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/unyson/framework/static/libs/unycon/unycon.css?ver=2.7.26
160.119.252.7200 OK 5.6 kB URL HTTP/2 goodworkers.org/wp-content/plugins/unyson/framework/static/libs/unycon/unycon.css?ver=2.7.26
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash 030d3f1d70463905f73c437922610a45
2bacf557cb339db9bc8a7a06535267246da844b4
4805bf8a2e39e478d627b638e44c66a7efa495bc524575d7298049d32d6af808
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/unyson/framework/static/libs/unycon/unycon.css?ver=2.7.26 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 18:16:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5629
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/lightGallery/css/lightgallery.min.css?ver=6.1
160.119.252.7200 OK 3.5 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/lightGallery/css/lightgallery.min.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (19970), with no line terminators
Hash db159da7d1dfb83ac49fa3a2fa26ad32
01e463fed1b816dbc9ba77ee1ff8d155794d2b08
a0bd1d542e28215728ddbe086e5d1a05391aced5632513b3ef69b5ccc4502c83
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/lightGallery/css/lightgallery.min.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3477
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/fonts/ionicons/css/ionicons.min.css?ver=6.1
160.119.252.7200 OK 7.5 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/fonts/ionicons/css/ionicons.min.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (50806)
Hash e064ec1e3b891e003c624cf1756f184e
a46b31d74d45a270e63e501daa5edb54164d8473
343f1991eb62bcde3abe603f329b8fd8413421678d928a2d7202c6c7af28c801
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/fonts/ionicons/css/ionicons.min.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7533
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/sweetalert/dist/sweetalert.css?ver=6.1
160.119.252.7200 OK 3.5 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/sweetalert/dist/sweetalert.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash dd0aeb6ced1bf341e76d07f2326f7ecf
2a83f33d7df652058254a8fe9ce1569a7fafa6db
18cda6e717c0f822dac1eb2e690514472a2f62636343c79929b04299981992f3
GET /wp-content/themes/alone/assets/sweetalert/dist/sweetalert.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3487
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/owl.carousel/assets/owl.carousel.min.css?ver=6.1
160.119.252.7200 OK 820 B URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/owl.carousel/assets/owl.carousel.min.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (2863)
Hash 92e6dc476e0b4ef6ae32a2097e62a4d2
577bf18fe2f8796ceef8b9523e53079207380f46
234e264de05b545470614ee5efc7222b9d61be12ef67254975b25345db515519
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/owl.carousel/assets/owl.carousel.min.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 820
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/style.css?ver=6.1
160.119.252.7200 OK 432 B URL HTTP/2 goodworkers.org/wp-content/themes/alone/style.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type HTML document, ASCII text, with very long lines (354)
Hash 9020d04e578a3f20eafda66cd470aed7
9fdeeb110b3525df136215b6ffa09c7cb1bf823c
b077c4bd7f26f56e302645d5fd2c2331d31a90bbf19e2b81f7b4fc372b0bbf73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/style.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/fonts/local-font.css?ver=6.1
160.119.252.7200 OK 239 B URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/fonts/local-font.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash 346753e22350508e713ce9c1feca96c5
25cbcf5c7f53838ecfb3686218fbf9bc3e434dfc
4e334ddce3d32ed4d9225f18ebff49e543c73aba02b6e063c7240a5b351b9fb4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/fonts/local-font.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 239
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
160.119.252.7200 OK 6.9 kB URL HTTP/2 goodworkers.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6872
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Sat, 24 Sep 2022 06:38:34 GMT
Date: Sat, 24 Sep 2022 04:38:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Sat, 24 Sep 2022 06:38:34 GMT
Date: Sat, 24 Sep 2022 04:38:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7225
Expires: Sat, 24 Sep 2022 06:38:34 GMT
Date: Sat, 24 Sep 2022 04:38:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 24073
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 24067
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:05:15 GMT
age: 23574
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f93f322ecd0244e7ee4169b200b50df
8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3
2bb739a60a4581e554fb308be7df8b3d7f47e95051e5ef5e0d1d9ed0a0443b68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4829
x-amzn-requestid: c283df3f-4198-47dd-9b24-634c425bccd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2aA_HgFoAMF_tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0a06-3881d661368a03ae48227b37;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:08:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NX_aUnmznw69dQzAWyvuo9umcrue7WRWVKjpYbWLfUbyqlBa1szcig==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 07:40:18 GMT
age: 75471
etag: "8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed165f50993660657ba10cdebdb895b3
0241ca5908ca229c2528a3c84177488cc2c08c13
b13c7b9ce6ae5d4295467977258ab19da8329b0f1db39e38f11d16d905d742cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14237
x-amzn-requestid: ebac6624-ee74-4911-b34d-f12abd8524e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruIG08oAMF6bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-1119098a051db3235b3a0674;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PuRSMM1YJ_03oGNhk2W-FwfPRkhU_TDcvyi-31NspF3s8U7erzx6_A==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:48 GMT
age: 23961
etag: "0241ca5908ca229c2528a3c84177488cc2c08c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d84c4ddafb066f0340a6108644e18e6b
058909341bf245c24fd86fc076acf2a3c246a96c
ca9019fab30635e3548e05e088ff5a5d612ffe7c01f29465c4133710a41c0245
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7829
x-amzn-requestid: 18df2f34-f279-4088-8488-76e429fdbb49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tZ4HqsoAMFrgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e290b-42270a1556339a3c5a941f89;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:45:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cSHVvtCZq1SkklylzL4DaNV_mrCx3kDp3fMxKlycHID-oPPMlNW7Bg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:02 GMT
etag: "058909341bf245c24fd86fc076acf2a3c246a96c"
content-type: image/jpeg
age: 23947
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/bootstrap/css/bootstrap.css?ver=6.1
160.119.252.7200 OK 20 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/bootstrap/css/bootstrap.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (540)
Hash 7844452d01af16b76d5df12958022557
d5745ab39feb91bc9e8f8bc9f18de71331a9605f
5c1e502e09e8eff0b67e92b8cf63bfdcee482cf366a626517e84bc1bed5c2304
GET /wp-content/themes/alone/assets/bootstrap/css/bootstrap.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19973
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
160.119.252.7200 OK 30 kB URL HTTP/2 goodworkers.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/css/animate.css?ver=6.1
160.119.252.7200 OK 4.4 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/css/animate.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (460)
Hash 9af0e6288b07e98e86b93a857dc1dde1
b4ce7671f9973db6b68e9b4601518fa2aee9026b
80899d00683298c9b8a475c7dd0c227e8577fe43c04a468d639ccbd41bc22c2b
GET /wp-content/themes/alone/assets/css/animate.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4438
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
160.119.252.7200 OK 2.4 kB URL HTTP/2 goodworkers.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
160.119.252.7200 OK 4.0 kB URL HTTP/2 goodworkers.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 11:39:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
160.119.252.7200 OK 1.6 kB URL HTTP/2 goodworkers.org/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (4875)
Hash 06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
160.119.252.7200 OK 3.7 kB URL HTTP/2 goodworkers.org/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash f778ade6a70be55cbf039cfafb20fa7f
68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5
88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/jquery-countdown/jquery.plugin.min.js?ver=6.1
160.119.252.7200 OK 1.4 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/jquery-countdown/jquery.plugin.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (2373)
Hash 2d5f72108af03faa82677de56e7a7864
575d3e758ecafcd24f1ebb63084a7b22d5e93a6c
0abddf596ef15e94b293348ced1ea89a2fc92efad804c83a1e7de7dc62326011
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/jquery-countdown/jquery.plugin.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1394
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/jquery-countdown/jquery.countdown.min.js?ver=6.1
160.119.252.7200 OK 4.3 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/jquery-countdown/jquery.countdown.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (13345)
Hash b933f739f1dd0e8cb5c76985521b4ff8
406ba44ce71eee4770f9b602662608796a6cdc07
fa0299f11edc1ee214f748257eeef0338440dfd36f64ead335741368d284ff53
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/jquery-countdown/jquery.countdown.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4262
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/revslider/public/assets/fonts/pe-icon-7-stroke/css/pe-icon-7-stroke.css
160.119.252.7200 OK 1.7 kB URL HTTP/2 goodworkers.org/wp-content/plugins/revslider/public/assets/fonts/pe-icon-7-stroke/css/pe-icon-7-stroke.css
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with CRLF line terminators
Hash 4afe4cb44e791f683c3c6b72d5ef6fc2
8b4eef69ca003801a8e8d18ec2dbb3f25b846eef
5037b01f5eecc895c8fc0a2713dfb21802aab072d74bcbf72a8189cf2fb27d01
GET /wp-content/plugins/revslider/public/assets/fonts/pe-icon-7-stroke/css/pe-icon-7-stroke.css HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1681
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/give/assets/dist/js/give-donation-summary.js?ver=2.21.0
160.119.252.7200 OK 2.8 kB URL HTTP/2 goodworkers.org/wp-content/plugins/give/assets/dist/js/give-donation-summary.js?ver=2.21.0
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (8455), with no line terminators
Hash f0e7e992f46e6bc78cf8bf42eb4088ae
78c5a9b855fe0b36772c43cd05f697245e3b9a1c
2b3d5d5696ab3666e08b84b4d1807fe9e940f1b43a2cabe7ffd399565d5a7dc0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/give/assets/dist/js/give-donation-summary.js?ver=2.21.0 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 18:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
160.119.252.7200 OK 1.0 kB URL HTTP/2 goodworkers.org/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (3233)
Hash 9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1000
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
160.119.252.7200 OK 6.6 kB URL HTTP/2 goodworkers.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6637
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
160.119.252.7200 OK 5.1 kB URL HTTP/2 goodworkers.org/wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (18523)
Hash 69d44ed0699a7b6e24f3a15dee49ec98
a047c69a419930df77a93d4fb2c6972075da66c6
dd6ff9795762edb4f50545e28641781889d3ef127dadf270350007f523ab7029
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/resizable.min.js?ver=1.13.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5120
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/lazysizes.min.js?ver=6.1
160.119.252.7200 OK 10 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/lazysizes.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (8252)
Hash 1f7a5897ced17b9d3c2027266361ce5f
ea21f6fd33b23d331115283bb8ce7bc6f7cda736
238c36276279f727e84712cb8af4e9b1d58782a69069e021969b8732dc4c1815
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/js/lazysizes.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10188
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/jquery.stellar.min.js?ver=6.1
160.119.252.7200 OK 3.2 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/jquery.stellar.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (12453)
Hash 2584a2567a6af974e1a3cb9e529815af
d521c9f2183c94f76c5d873ec66f3a4a0ec972db
3fa3a675e81cd449f4cdf0ccfa1537300903b9e94ef9177e605b9507a17e3f91
GET /wp-content/themes/alone/assets/js/jquery.stellar.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3189
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.2
160.119.252.7200 OK 9.7 kB URL HTTP/2 goodworkers.org/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (32004)
Hash 9047fc8f7fc787b71981795aa7be175a
d7911ba791b242ef768cf8d327958eb4205be806
35775582d489fc4fa05f7cdbb8f822c6039195b9d6b454bb02c12b3022731aea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.4.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9727
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/jquery.mousewheel.min.js?ver=6.1
160.119.252.7200 OK 1.1 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/jquery.mousewheel.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (2609)
Hash 47b998c4287cbc7c6a937715c57fb2e2
36c555f88c12b40198021fe3b8a48b1cfc4755fc
727dcadcb46d22c183334fe1d60f52ca714e38e786001d8bde2b0d8318b9cb85
GET /wp-content/themes/alone/assets/js/jquery.mousewheel.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1127
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/bootstrap/js/bootstrap.js?ver=6.1
160.119.252.7200 OK 14 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/bootstrap/js/bootstrap.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash df09e0aefdeb5cd10e7c6bd23f4ed4b8
b614fa020ab26a00db13a0b582e89fc90bacc4d2
6c3685ed102f79a0078ca1bd3541b37d4ea2159649c2873c89aa215803616457
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/bootstrap/js/bootstrap.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13839
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lightgallery.min.js?ver=6.1
160.119.252.7200 OK 5.1 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lightgallery.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (17684)
Hash 58181f80a5d079107772410e5bbeb638
e8f7cf268d089426a7dd8a269f53ace75a6f678b
7ac19fd7d806da2f778d4d6cb847b9dddad8fb7e0b7d038f9c78a2db49505263
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/lightGallery/js/lightgallery.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5135
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-autoplay.min.js?ver=6.1
160.119.252.7200 OK 951 B URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-autoplay.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (2820)
Hash 7cf023a11bd1d7052a2149323f516472
56fbf0303025fa7c7b87e45b2be048b506a28dcd
4ea07bda1295e2ba31328f8bed5a6390f80e493d5409ae36dc0b2818a33dd668
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/lightGallery/js/lg-autoplay.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 951
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/owl.carousel/owl.carousel.min.js?ver=6.1
160.119.252.7200 OK 11 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/owl.carousel/owl.carousel.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (32045)
Hash e5304c7bf01b833a199dcf3023f339cd
0fedb10c579a97a62bb5ad793abafd1078eb5c0f
71c9775fee0448068bb62ec815b7ef8403ac8eae4f9795481d9d23587a4c7040
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/owl.carousel/owl.carousel.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10705
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-zoom.min.js?ver=6.1
160.119.252.7200 OK 1.9 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-zoom.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (6551)
Hash 4c18f68595c131275c757dafc57e4b1a
1dad4e7a6b57f064883a98e18e62de5295ae1675
ecd952ba1f2a939fd09cdfd668807dc7e88c6fdcbd6999a37263e1c7b7ed3f77
GET /wp-content/themes/alone/assets/lightGallery/js/lg-zoom.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1915
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/tilt.jquery.min.js?ver=6.1
160.119.252.7200 OK 1.3 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/tilt.jquery.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (4487), with no line terminators
Hash 036356ddef5fc5f59e2de20624365bce
86abcf27382664ff75dc18c27e849a0084b38dd9
48cc396c97d90748080235df1e1211f6a037ce244d79d567e60155a1b0a180d1
GET /wp-content/themes/alone/assets/js/tilt.jquery.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1323
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-video.min.js?ver=6.1
160.119.252.7200 OK 1.6 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-video.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (5481)
Hash 5b0ce3b8859e513ed178386f6378a26c
8901603acde43d93f308b768c1bcadfe65bad6db
4887310c3393770421741ea85eb01e87dd4135da605e1f447edab091f8abdb0a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/lightGallery/js/lg-video.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1621
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-thumbnail.min.js?ver=6.1
160.119.252.7200 OK 2.2 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/lightGallery/js/lg-thumbnail.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (7332)
Hash f60ebd4222aee1d35751a8631f3e286b
5c832d1756468ca0da3d078766882d4e70f92e4d
d701344b70a2090a61e28d900aab13836531f2b6283fa8db1ab05c7e65166889
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/lightGallery/js/lg-thumbnail.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2207
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/sweetalert/dist/sweetalert.min.js?ver=6.1
160.119.252.7200 OK 5.1 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/sweetalert/dist/sweetalert.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (16994), with no line terminators
Hash 736b0fddd4ecea054957c4067f61e6a2
0b81c69accc33b22ce85d568d36352278ca553e2
b6bad7954c0921fbfb24af8e91d1996445e38fa7050d08d93b9b626b17245ea7
GET /wp-content/themes/alone/assets/sweetalert/dist/sweetalert.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5135
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/froogaloop2.min.js?ver=6.1
160.119.252.7200 OK 640 B URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/froogaloop2.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (512)
Hash d2cd8127e31c77e102d8e8498f95e235
9264f98cbdbd429195698f05423c890bde5f1a47
09956a3f0087ecec8b91210ebd9d9b070dcf41141ab1a6eced0ca8cccdd2b61b
GET /wp-content/themes/alone/assets/js/froogaloop2.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 640
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
160.119.252.7200 OK 4.6 kB URL HTTP/2 goodworkers.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 15:51:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/theme-script.js?ver=6.1
160.119.252.7200 OK 16 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/theme-script.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type Unicode text, UTF-8 text, with very long lines (323)
Hash 7be4d06ea69b86063addd597c558b67d
0e00d75953472d6c3d116901e72493e61753e34f
6c7831188888542ac0d47feb9c81cb1edbbf94bb0fe5140422adb1bff2ea91be
GET /wp-content/themes/alone/assets/js/theme-script.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15493
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/progressbar.min.js?ver=6.1
160.119.252.7200 OK 6.7 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/progressbar.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (21557)
Hash 03c0e9100853208905aa7be3a761bd91
4fab322c5a4e007b0ee9e36be42f85d797183360
9a1b1d15f866cc45fbe2adce9ae974b24dca992b0a1da1c19848cee4a2179a43
GET /wp-content/themes/alone/assets/js/progressbar.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6717
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
160.119.252.7200 OK 5.6 kB URL HTTP/2 goodworkers.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (20420)
Hash 69f30fc4fcdbbe74abb56b6c311b949e
29ebe916d6806f4164c9aed4ddf3b9207d2d4563
8d9d38428d7b733f6824514d3339f4c0ccb3c3bc933871ec1449267bfd2f81bc
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.4.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5554
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/jquery.waypoints.js?ver=6.1
160.119.252.7200 OK 3.5 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/jquery.waypoints.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash 197d685892ed05a5be42b44128585298
d9f7d439d7ffbe19a7777bad17bb43eab7c8c94b
7bbba63e94ec7ed91b4ee7e5beb2055a837bbd639e438f12511b12634f0309fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/js/jquery.waypoints.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:09 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3454
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/js/jquery.counterup.min.js?ver=6.1
160.119.252.7200 OK 492 B URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/js/jquery.counterup.min.js?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (912)
Hash b7523253ffe17544d842cec51f41bfd7
5a98298d99440f118d39c37e9897997724a21a02
1a1660850f8dedcb40bf2d42e99d09ec6bf32fc5aa282951099a6d1a2e0ce615
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/js/jquery.counterup.min.js?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:09 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 492
date: Sat, 24 Sep 2022 04:38:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
160.119.252.7200 OK 42 kB URL HTTP/2 goodworkers.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65358)
Hash db1354790b328c764f0c530a8c17a965
28a1fab2c5824b7b379e3c4bfa48afc9cca73cd9
60cfeab11940700b50832d50ba20d367213a55c93bbce1db80ffc43f403675ea
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.4.2 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Fri, 26 Mar 2021 12:39:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 42001
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/themes/alone/assets/css/alone.css?ver=6.1
160.119.252.7200 OK 105 kB URL HTTP/2 goodworkers.org/wp-content/themes/alone/assets/css/alone.css?ver=6.1
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type HTML document, ASCII text, with very long lines (460)
Size 105 kB (105031 bytes)
Hash efde8b46abd3c25b2cbf768f7ff8f058
d1938cc15f2864c5193810cc5ae460cfbd6e2b86
76e486bd729fc0b2fd4568b2810a90534bb282d6bfa495520a41fcb4ea4bcab2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/alone/assets/css/alone.css?ver=6.1 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: text/css
last-modified: Sat, 24 Sep 2022 04:24:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 105031
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
160.119.252.7200 OK 44 kB URL HTTP/2 goodworkers.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 4fabca2522b46655d66e80a8e0f51b99
90deed5fcafb260dceec850841a335d883072967
1b8b3b55102a08e2bf87c5a743baf2a24da44ce11a2da488a8afaa1fdf77134c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.23 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 43687
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
160.119.252.7200 OK 80 kB URL HTTP/2 goodworkers.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (64268)
Hash 936b1b618d3bddc2d104477daaa74d02
ac38e02617fc72ad076d0fdb0ca73703959f9fb2
dc37a25310eb56d9a14fa8ab9b67fd0807aee150dbcae3efaa60c2561b6c7707
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.23 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 79911
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/give/assets/dist/js/give.js?ver=e3e24119ee30d16d
160.119.252.7200 OK 49 kB URL HTTP/2 goodworkers.org/wp-content/plugins/give/assets/dist/js/give.js?ver=e3e24119ee30d16d
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1f87125b5cf5a183dd3ba93018044bbb
41d62fa42d5266e07febdfa4bdd218097f743b20
af8a36f504647ee2808bd07a14f7bf0c0b01f43ed01ab66a5418adf72d18aac2
GET /wp-content/plugins/give/assets/dist/js/give.js?ver=e3e24119ee30d16d HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 18:09:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 48995
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/uploads/2020/12/pic-1024x686.jpg
160.119.252.7200 OK 134 kB URL HTTP/2 goodworkers.org/wp-content/uploads/2020/12/pic-1024x686.jpg
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1024x686, components 3\012- data
Size 134 kB (133962 bytes)
Hash 9aaeaaa29734f57d37611cc5daaf71f6
1215a1904ca975aa276c391c153900a0ab3509cf
87e9e4968f4209686679cce507b81d55290c99ee7421e7aa2f6968a999f02f27
GET /wp-content/uploads/2020/12/pic-1024x686.jpg HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: image/jpeg
last-modified: Fri, 26 Mar 2021 12:39:42 GMT
accept-ranges: bytes
content-length: 133962
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/uploads/2020/12/7-scaled.jpg
160.119.252.7200 OK 482 kB URL HTTP/2 goodworkers.org/wp-content/uploads/2020/12/7-scaled.jpg
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1714, components 3\012- data
Size 482 kB (482500 bytes)
Hash f29abcc71e42b87972f788e3e4a192f7
271cac6b21aaa8aca0d8cf790fe8224be66e5aff
9bcc0885d05488ca3811a294dd281ee76a97a814217c0f8fc0c061cb6704c912
GET /wp-content/uploads/2020/12/7-scaled.jpg HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: image/jpeg
last-modified: Fri, 26 Mar 2021 12:39:42 GMT
accept-ranges: bytes
content-length: 482500
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
goodworkers.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
160.119.252.7200 OK 472 B URL HTTP/2 goodworkers.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 17 Jun 2022 18:32:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6222
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17912, version 1.0\012- data
Hash 4116d9a86a2889032aaca45779a997ca
c99f3ea2bd016a259a1cb864aa31b38def9cb667
3c46b18a1ccba221be436881e1649ef1bfd1e656184fcd535e84bc77c77e8e5d
GET /s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17912
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 19:30:27 GMT
expires: Wed, 20 Sep 2023 19:30:27 GMT
cache-control: public, max-age=31536000
age: 292063
last-modified: Tue, 23 Aug 2022 17:55:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
142.250.74.163200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 10016, version 1.0\012- data
Hash efc008ddacd9f630d61b0717e7864257
8c79a2fe12c7e4d80f053e40540e4544744600a5
c2cd3e005de210fcbb5372b4267c5d3d067e0564f017dd5ccba202d040f820d7
GET /s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:41:23 GMT
expires: Fri, 22 Sep 2023 06:41:23 GMT
cache-control: public, max-age=31536000
age: 165407
last-modified: Mon, 11 Jul 2022 21:03:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19292, version 1.0\012- data
Hash 19007b17e56daa60133bce9e9b352a95
bac1384caeae5762e7a1d8c18037f69c8cd21bc4
fd88a03358ba14440b78c6329717bdf6ed1a9fe97c3ad4e0a0a39d31fb1ac546
GET /s/questrial/v18/QdVUSTchPBm7nuUeVf70viFl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:03:15 GMT
expires: Tue, 19 Sep 2023 20:03:15 GMT
cache-control: public, max-age=31536000
age: 376495
last-modified: Wed, 27 Apr 2022 16:12:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v12/1Ptrg8zYS_SKggPNwIouWqZPAA.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v12/1Ptrg8zYS_SKggPNwIouWqZPAA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20484, version 1.0\012- data
Hash 47609ca009fcc8c0b7e6c54c0642c209
18ee91abe64947236fb8d416503c5fa9725452bc
a5deae693a68ced0b193d92289c4725f2f8f55e503b2d71d95d7959883b6b728
GET /s/raleway/v12/1Ptrg8zYS_SKggPNwIouWqZPAA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:45:09 GMT
expires: Sun, 17 Sep 2023 12:45:09 GMT
cache-control: public, max-age=31536000
age: 575581
last-modified: Wed, 11 Oct 2017 18:26:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.163200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:13:12 GMT
expires: Tue, 19 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 372298
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:32:09 GMT
expires: Thu, 21 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 205561
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 205631
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 205631
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:43:29 GMT
expires: Fri, 22 Sep 2023 16:43:29 GMT
cache-control: public, max-age=31536000
age: 129281
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 331629
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v5/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v5/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7864, version 1.0\012- data
Hash f6ef809fb833dbf1abcd5b35ab1576e5
c9ce9ebb9be35f1ed6e9f4f024529f0de64a80b2
1a193b11b14da136ed189612ddafcebe49986ab42977f97cd77158864163ef69
GET /s/poppins/v5/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goodworkers.org
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 07:12:37 GMT
expires: Fri, 22 Sep 2023 07:12:37 GMT
cache-control: public, max-age=31536000
age: 163533
last-modified: Wed, 11 Oct 2017 18:22:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/iframe_api
142.250.74.110200 OK 54 kB URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.110:0
File type ASCII text, with very long lines (509)
Hash 916e1ec7c3e9cd8cb0bd2604177d36ff
a75f42c3e0d7150099fcb69d75061892aa8bf169
c08156605d886876c90fa8a1db626dab062a1a8625f72ab9a90baffef267d572
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 24 Sep 2022 04:38:11 GMT
date: Sat, 24 Sep 2022 04:38:11 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=s74Ev7SBZpw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=rKBo2nRCbz4; Domain=.youtube.com; Expires=Thu, 23-Mar-2023 04:38:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+835; expires=Mon, 23-Sep-2024 04:38:11 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:38:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33edd8fdf7032227386d1514f99b2c4a
9fa34e0e3d456ed38d6e94911bf24990ed33ab0c
1d8ebbea41da3fbb5bd6784635f176bce0697a290635808166d269202bd3defa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3cb80186-265b-4b0a-a4b1-38aef341bfc9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8557
x-amzn-requestid: 51f41597-b094-47d7-b372-4c4c0236577f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tAXEO3oAMFTWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2868-30ad6e877ee82fcc4d17a7e6;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:43:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KfRlAHaZjrBNyxoYsUtQZ0TgMGD99mnrC3GViYCTRcHPtDfgYbLczg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:02:30 GMT
age: 23746
etag: "9fa34e0e3d456ed38d6e94911bf24990ed33ab0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A800%2C700%2C600%2Cregular%7COpen+Sans%3A600%2Cregular%2C700%2C300%7CQuestrial%3Aregular%7CWork+Sans%3Aregular%7CArimo%3Aregular%7CMontserrat%3A700%7CQuattrocento+Sans%3Aregular&subset=latin%2Cgreek%2Clatin-ext&ver=6.0.2
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A800%2C700%2C600%2Cregular%7COpen+Sans%3A600%2Cregular%2C700%2C300%7CQuestrial%3Aregular%7CWork+Sans%3Aregular%7CArimo%3Aregular%7CMontserrat%3A700%7CQuattrocento+Sans%3Aregular&subset=latin%2Cgreek%2Clatin-ext&ver=6.0.2
IP 216.58.211.10:0
GET /css?family=Poppins%3A800%2C700%2C600%2Cregular%7COpen+Sans%3A600%2Cregular%2C700%2C300%7CQuestrial%3Aregular%7CWork+Sans%3Aregular%7CArimo%3Aregular%7CMontserrat%3A700%7CQuattrocento+Sans%3Aregular&subset=latin%2Cgreek%2Clatin-ext&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 04:38:08 GMT
date: Sat, 24 Sep 2022 04:38:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Serif%3Aregular%2Citalic%2C700%2C700italic&ver=6.0.2
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Serif%3Aregular%2Citalic%2C700%2C700italic&ver=6.0.2
IP 216.58.211.10:0
GET /css?family=PT+Serif%3Aregular%2Citalic%2C700%2C700italic&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 04:38:08 GMT
date: Sat, 24 Sep 2022 04:38:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:500%2C400%7CRoboto:100%2C400
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:500%2C400%7CRoboto:100%2C400
IP 216.58.211.10:0
GET /css?family=Raleway:500%2C400%7CRoboto:100%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 04:38:08 GMT
date: Sat, 24 Sep 2022 04:38:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
goodworkers.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?rev=6.2.23
160.119.252.7200 OK 0 B URL HTTP/2 goodworkers.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?rev=6.2.23
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?rev=6.2.23 HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Mar 2021 12:39:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 79911
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
goodworkers.org/wp-content/uploads/2020/12/6-1024x686.jpg
160.119.252.7200 OK 0 B URL HTTP/2 goodworkers.org/wp-content/uploads/2020/12/6-1024x686.jpg
IP 160.119.252.7:0
ASN #328364 Host-Africa-AS
GET /wp-content/uploads/2020/12/6-1024x686.jpg HTTP/1.1
Host: goodworkers.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodworkers.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 01 Oct 2022 04:38:08 GMT
content-type: image/jpeg
last-modified: Fri, 26 Mar 2021 12:39:42 GMT
accept-ranges: bytes
content-length: 81587
date: Sat, 24 Sep 2022 04:38:08 GMT
server: LiteSpeed
X-Firefox-Spdy: h2