Overview

URL www.budhibamanfoundation.org/
IP 103.171.44.193
ASN 282, Sector 19
Location India
Report completed 2022-09-07 05:49:25 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-07 2 www.budhibamanfoundation.org/ Malware
2022-09-07 2 www.budhibamanfoundation.org/ Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/plugins/smart-slider-3/Public/Smart (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/et-cache/7/et-core-unified-deferred (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/themes/Bigpage-Divi-Child/style.css (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/plugins/smart-slider-3/Public/Smart (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/plugins/smart-slider-3/Public/Smart (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-includes/js/jquery/jquery-migrate.min.js?ve (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/themes/Divi/includes/builder/featur (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/themes/Divi/includes/builder/featur (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/themes/Divi/core/admin/js/common.js (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/themes/Divi/core/admin/fonts/module (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.10.6 Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/uploads/2021/05/New-logo.jpeg Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/uploads/2021/05/cropped-New-logo-32 (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/uploads/2021/05/cropped-New-logo-19 (...) Malware
2022-09-07 2 www.budhibamanfoundation.org/wp-content/uploads/2021/05/Women-Empowerment.jpeg Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (13)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fonts.gstatic.com (6) 0 2014-08-29 13:43:22 UTC 2022-09-07 04:49:31 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-07 00:21:17 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-06 23:22:01 UTC 143.204.55.36
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-06 22:23:33 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-06 04:43:30 UTC 52.13.69.101
mnemonic passive DNS www.budhibamanfoundation.org (30) 0 2021-04-26 11:50:43 UTC 2021-06-12 12:55:03 UTC 103.171.44.193 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-06 08:08:24 UTC 34.120.237.76
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-07 04:49:42 UTC 142.250.74.3
mnemonic passive DNS use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-09-06 04:53:12 UTC 172.67.169.247
mnemonic passive DNS budhibamanfoundation.org (3) 0 2021-04-26 11:50:41 UTC 2022-07-26 18:13:58 UTC 103.171.44.193 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-06 04:41:22 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-06 05:16:49 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-06 04:40:31 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 103.171.44.193

Date UQ / IDS / BL URL IP
2022-10-13 02:37:18 +0000 0 - 0 - 21 wishall.org/gsqpv/ballred-33.zip 103.171.44.193
2022-10-13 02:27:29 +0000 0 - 0 - 21 wishall.org/q3ylh/avagarcia-89.zip 103.171.44.193
2022-10-12 17:41:44 +0000 0 - 0 - 22 wishall.org/gsqpv/ballred-33.zip 103.171.44.193
2022-09-26 14:05:00 +0000 0 - 0 - 2 arpansociety.org/830124u5/login.php 103.171.44.193
2022-09-26 03:48:30 +0000 0 - 0 - 2 arpansociety.org/830124u5/login.php 103.171.44.193

Last 5 reports on ASN: 282, Sector 19

Date UQ / IDS / BL URL IP
2022-12-09 03:15:22 +0000 0 - 0 - 2 capturefotos.com/booklet.zip 103.20.212.129
2022-12-09 00:31:58 +0000 0 - 0 - 11 ladderkerala.com/dlsa/index.php?QBOT.zip 103.90.242.172
2022-12-08 15:42:09 +0000 0 - 0 - 4 103.90.241.9/ 103.90.241.9
2022-12-08 09:28:41 +0000 0 - 0 - 3 www.incometaxdelhi.org/gallery/thumnails/mix/b.php 103.20.214.86
2022-12-06 15:05:44 +0000 0 - 0 - 1 kirloskar-electric.com/ 43.252.88.96

Last 1 reports on domain: budhibamanfoundation.org

Date UQ / IDS / BL URL IP
2022-09-07 05:49:25 +0000 0 - 0 - 18 www.budhibamanfoundation.org/ 103.171.44.193

No other reports with similar screenshot



JavaScript

Executed Scripts (19)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (68)


Request Response
                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 05:04:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sGocQEpmBCMOMwrp1bPoSxaKzb2UoX9VgSUT0JUGDo9l7krTsfav_g==
Age: 2675


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10865
Expires: Wed, 07 Sep 2022 08:50:19 GMT
Date: Wed, 07 Sep 2022 05:49:14 GMT
Connection: keep-alive

                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uNIyOFYKWNaxXwYsou-TcYTM5OCykaI6n0gCwZgWTYWFExF_my0ViA==
age: 7360
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 07 Sep 2022 05:49:14 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 05:38:18 GMT
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 05:51:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RiP6nmvrmW0-4M3hpRSOR7ZnpWp8HCC0QYPeuUt6kPZsNev4IPoKOQ==
Age: 656


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
GET / HTTP/1.1
Host: www.budhibamanfoundation.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
103.171.44.193
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Date: Wed, 07 Sep 2022 05:49:14 GMT
Server: Apache
X-Redirect-By: WordPress
Set-Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; expires=Thu, 08-Sep-2022 05:49:14 GMT; Max-Age=86400; path=/ HUGMcej=%2A0h_kGOPm%5DX; expires=Thu, 08-Sep-2022 05:49:14 GMT; Max-Age=86400; path=/
Location: https://www.budhibamanfoundation.org/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4388
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 05:49:14 GMT
Last-Modified: Wed, 07 Sep 2022 04:36:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WeZpXiUiLWawmYlLsMK3+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
52.13.69.101
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /3gM5e+1Y1KojWivbvL4WIBwnV8=

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Wed, 07 Sep 2022 09:02:43 GMT
Date: Wed, 07 Sep 2022 05:49:16 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Wed, 07 Sep 2022 09:02:43 GMT
Date: Wed, 07 Sep 2022 05:49:16 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Wed, 07 Sep 2022 09:02:43 GMT
Date: Wed, 07 Sep 2022 05:49:16 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Wed, 07 Sep 2022 09:02:43 GMT
Date: Wed, 07 Sep 2022 05:49:16 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11607
Expires: Wed, 07 Sep 2022 09:02:43 GMT
Date: Wed, 07 Sep 2022 05:49:16 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2cde93c-0513-450d-8955-bde7c6e24fcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8501
x-amzn-requestid: 5424e02c-4ff4-4d45-9e1d-7a43ac9a2d8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrvxFRRIAMFfug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bffe-5d1e19c74682a1c950221ece;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -_7fvry5PiqGos8cS42sr0MXgZzw34IxmsYoQ6ePjLFvtbFU3KWGcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:25 GMT
etag: "d7f050173460584cecb8e280aefeb0e0f3a8c1d6"
age: 28671
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8501
Md5:    b8270b1deb7d093ca8add7908bcc5136
Sha1:   d7f050173460584cecb8e280aefeb0e0f3a8c1d6
Sha256: 148080cd0f4f5aafcfc5a9d737dd99e101895f83a177e0dc15d27079cf6b56bb
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb8aa6e-cd0e-437b-8dd5-987975f699c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9014
x-amzn-requestid: 774c43be-0f3a-48c2-8f14-b48b4b09767c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqN9tGsVoAMFVng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d9057-00c7330e5b1d960021691df2;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 04:21:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 77V2cHcwKSvu4b0ikOJ5s3yf-bcK2eh2Sfe85UrhyuRLpzudBO6vXQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:57:28 GMT
age: 24708
etag: "ef57fc0f565c41e42637ca1a71d3143c20a7c2e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9014
Md5:    7ef4fa1124d22326a35b623fbe8c5265
Sha1:   ef57fc0f565c41e42637ca1a71d3143c20a7c2e6
Sha256: 8dd5cbcd791cf3db88011ac65a1097a491d0fd0e1e52eb879c2ef27f22c2d3aa
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 29274
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8462
Md5:    70c964498818242b742575cfa1769b67
Sha1:   cde85fbe83c9e29618edf4e05002bd623e3ab965
Sha256: bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff29f2a08-1dd5-4577-ae0d-6852e6e83ba7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5384
x-amzn-requestid: 6888919c-b9fb-43da-a080-0dde24422b4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqZHHA5oAMFjzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd3-7f32bdc673d113da6e69b413;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FvxWL8FJUrDyhFhyYXIuArDhRgFUyTurACy5-POlVjXeskWas-d2pQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:25 GMT
age: 29271
etag: "cfca3a21a33e58f300343f643634c50a924bb6db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5384
Md5:    6447311cd0f34fb9cde4e21946e0d8af
Sha1:   cfca3a21a33e58f300343f643634c50a924bb6db
Sha256: e2de947b52e13a0350c5b6904020924b957161d825930677386185a62d2f2401
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74f48f7-6138-4042-9b4c-f63bb036324f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11972
x-amzn-requestid: e71daf97-7463-492d-b55a-0eab022d8b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0nI2G1tIAMFk2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b89e-7d6c6d1769649d371c505453;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 08:02:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fOWoYZ9FyUKt55cLxVvwCBhX0DzsF2yPaX2Y6USE6OZcNFe3lWyOHA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:42 GMT
age: 29194
etag: "3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11972
Md5:    124a0c0a970006aa660031b5e0ec70d9
Sha1:   3dcd7b5ca2cc9ab604df554b341d1e08bffaa3d7
Sha256: 14c5c6aaf110c123037eb860ecc9d386d46af55fe54cb50f9d1ad430f7e0c516
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8639d630-8c8a-4807-a0b9-15086c24357f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11675
x-amzn-requestid: 4dec6362-eb2a-4cd9-b92e-c569f31b2cc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3OeFGyboAMFzqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c459-1506326857a16d2f3bbb231c;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:04:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YgSKXkER0MzEbjO3lpl_uMkqf8hB_V1Scbj75aaP2_zxXt_Va-ZaCg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:26 GMT
age: 28670
etag: "de4df8a9282e9cec140c9074a140f72fb3dc896e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11675
Md5:    c59fa99ae2913811dc92e67032c57394
Sha1:   de4df8a9282e9cec140c9074a140f72fb3dc896e
Sha256: bb5841642c985c12489b7b23a2a95571864896eef9a04645e61029f9f6717bdc
                                        
                                            GET / HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 07 Sep 2022 05:49:15 GMT
Server: Apache
Link: <https://www.budhibamanfoundation.org/wp-json/>; rel="https://api.w.org/", <https://www.budhibamanfoundation.org/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <https://www.budhibamanfoundation.org/>; rel=shortlink
Set-Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; expires=Thu, 08-Sep-2022 05:49:15 GMT; Max-Age=86400; path=/; secure
Set-Cookie: HUGMcej=%2A0h_kGOPm%5DX; expires=Thu, 08-Sep-2022 05:49:15 GMT; Max-Age=86400; path=/; secure
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24609)
Size:   397556
Md5:    b1ae3dfe7dbbad8bc7658395db83dabf
Sha1:   d533d435129056e833e1ae7a26841ac14c268a4b
Sha256: f2aabfa38a61461505d1f24861277eb5b736bbf806723db3b5b83c8a35984315

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/et-cache/7/et-divi-dynamic-7-late.css?ver=1662445268 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 06:21:09 GMT
Accept-Ranges: bytes
Content-Length: 4982
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4982), with no line terminators
Size:   4982
Md5:    2cbe66ec563f870b991693b73b1e95a8
Sha1:   a578d9e44a662877ce1b5b8e4a11f1289fb4aa45
Sha256: 135876eb804637f28e21107f0814a673abf5319b7f7c6d6e77f66b75f806e2fa
                                        
                                            GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider.min.css?ver=e122aaff HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 16:37:43 GMT
Accept-Ranges: bytes
Content-Length: 22127
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (22127), with no line terminators
Size:   22127
Md5:    31fba5583a340f2cc87484d1a46762fc
Sha1:   3a46b6e31fceeed0b7e56d7f8f85196db4aabc8c
Sha256: c7614a10120e822e3c3a873521ee083b57b5f0ca2417ffe045a7b9783f86bf98

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/et-cache/7/et-core-unified-deferred-7.min.css?ver=1662445269 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 06:21:09 GMT
Accept-Ranges: bytes
Content-Length: 11967
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (11967), with no line terminators
Size:   11967
Md5:    807a32b7f2aeb8b7012497295c0145cd
Sha1:   0acdc5b44ba1d5063cf1cdfd7445caf73615c17b
Sha256: 5e04ea34d982c1b0ccd327c36e78746a139da11c004063842e87abd6de0ec08a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/Bigpage-Divi-Child/style.css?ver=1.0.0 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Mon, 14 Dec 2020 06:03:43 GMT
Accept-Ranges: bytes
Content-Length: 419
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   419
Md5:    e60e562c7c6a0add2c7ca5712df8006b
Sha1:   bef0e1d48e68db9aab7944bb2b51051f386e5093
Sha256: 91ea9ad4ff3fda8881503db0f9d80c38d396e3b1f5360ff20aa5f2bacb584c0e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Slider/SliderType/Simple/Assets/dist/ss-simple.min.js?ver=e122aaff HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 16:37:43 GMT
Accept-Ranges: bytes
Content-Length: 13218
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (13218), with no line terminators
Size:   13218
Md5:    ad4ad2932717545b31d62964a646841d
Sha1:   d8c90ca5f4b18713aa5b2e640473f407a59e8a01
Sha256: 977f533f2c22580d8b5f886fff1230be1fb8b90d8587e9757685f286cb2d2b0a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/didactgothic/v19/ahcfv8qz1zt6hCC5G4F_P4ASlUuYpg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.budhibamanfoundation.org
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 00:05:57 GMT
expires: Sat, 02 Sep 2023 00:05:57 GMT
cache-control: public, max-age=31536000
age: 452601
last-modified: Thu, 21 Apr 2022 16:53:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16780, version 1.0\012- data
Size:   16780
Md5:    442e4ee909315121ec3abc8db2f5c2e5
Sha1:   c8ad6315296b32c25350e9c7c724d10a2a745cb6
Sha256: 9143c69a1b271019aa0c602b4addb1c0256e503785c1ddd6163c2cb176c50768
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.budhibamanfoundation.org
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 45537
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.budhibamanfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:08:00 GMT
expires: Tue, 05 Sep 2023 21:08:00 GMT
cache-control: public, max-age=31536000
age: 117678
last-modified: Mon, 09 May 2022 18:33:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   28605
Md5:    01f498ef62514bf5b4b018ea83745e7c
Sha1:   b5f2e992b6c24fa7a7e724606f0728d62f6ced2c
Sha256: 331e8d571532ff963b189d496a0e605e99301b652d84e343e5925c76814aad56
                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.budhibamanfoundation.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:23:57 GMT
expires: Tue, 05 Sep 2023 21:23:57 GMT
cache-control: public, max-age=31536000
age: 116721
last-modified: Mon, 09 May 2022 18:31:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16920, version 1.0\012- data
Size:   16920
Md5:    875cd87a3bfd0a454005f2b07ba35328
Sha1:   2ee20c6c9d1549d8d38b538e00903a75f5e02307
Sha256: 976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
                                        
                                            GET /s/actor/v17/wEOzEBbCkc5cO0ejVSk.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.budhibamanfoundation.org
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:38:02 GMT
expires: Wed, 06 Sep 2023 22:38:02 GMT
cache-control: public, max-age=31536000
age: 25876
last-modified: Tue, 19 Apr 2022 19:22:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21976, version 1.0\012- data
Size:   21976
Md5:    7ee7f470152787952958d6adfa07b2ac
Sha1:   14a09075b2cbec9ff65302de9d634f9011f70e53
Sha256: b31aaefa522d67846638fa4181bbb22375bd0cb1beb37d514609c3821953161a
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.budhibamanfoundation.org
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 45537
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Widget/Arrow/ArrowImage/Assets/dist/w-arrow-image.min.js?ver=e122aaff HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 16:37:43 GMT
Accept-Ranges: bytes
Content-Length: 1248
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1248), with no line terminators
Size:   1248
Md5:    254ab7640f7b59732d696cec4ce249cf
Sha1:   88a99f0033fd6728cebfd423b29773043364a464
Sha256: d1a3d8fbac5486ce5a1079c3bca1c72f89c65d47a6c2c2dd367101c3c7e515b4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Fri, 07 May 2021 06:58:09 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   11224
Md5:    79b4956b7ec478ec10244b5e2d33ac7d
Sha1:   a46025b9d05e3df30d610a8aef14f392c7058dc9
Sha256: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /releases/v5.12.0/css/brands.css?ver=6.0.2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.169.247
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 07 Sep 2022 05:49:17 GMT
x-amz-id-2: H9rD78W8KlSlNVIroJo0RmJXVAJxHJjToYjzOGgd6BWD6Er5CR6Ym+Y+UGWnA1pg/TIWnXnk7gc=
x-amz-request-id: BCV5J0KBTHE0KC37
last-modified: Wed, 30 Jun 2021 15:37:54 GMT
etag: W/"db3b745079e4606a70685c661ea1324b"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 642117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpnTWn7zF307XZ0ecZjCujTjFyAHEiciO%2BVTrv2udawNJ84oQy35GBTnypOw4ayy5qj%2Bu8hdS0v9PVazbHKpjNJ0BXW57Ej5i%2FZL8HgmuwqCh1LlOmcEVeyOFr%2BShVFWILnGCre0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746d29055caeb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (475)
Size:   39596
Md5:    fa456e849443fcc34e509e2f2d44e4af
Sha1:   0f94e4a7889caba7cf3057106b082b8017541dba
Sha256: 3e98429dd8b5d3a5cd1c4fee8cd8072aa7f959b40ffc8758230bb2620a301ad4
                                        
                                            GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/n2.min.js?ver=e122aaff HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 16:37:43 GMT
Accept-Ranges: bytes
Content-Length: 41234
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (41234), with no line terminators
Size:   41234
Md5:    5a3d48c8d1539cbbc1348a34f19bc5b5
Sha1:   7a00176dc391610a5abd777dae0a56039118a3f0
Sha256: 18cdc7b2c0b6d5c4c3edb70b1e835dc8d94e5a81eb1ed7ea5537d62eab895223
                                        
                                            GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/hashchange.js?ver=4.10.6 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Sat, 04 Sep 2021 09:17:50 GMT
Accept-Ranges: bytes
Content-Length: 16279
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   16279
Md5:    c7c438059510a08bf529517a69c5c644
Sha1:   2991228888ac619d75b62792bee38cbc842db1fd
Sha256: 92857c04210d76e4febf6a08cf182c5e9db652059579046159934f414d723266

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.10.6 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Sat, 04 Sep 2021 09:17:50 GMT
Accept-Ranges: bytes
Content-Length: 22786
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (21184)
Size:   22786
Md5:    b709961dd29d261ee0ce8fb17101874a
Sha1:   9a286eaaa964091528b256c81bb446c7072b7e19
Sha256: 0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
                                        
                                            GET /wp-content/plugins/smart-slider-3/Public/SmartSlider3/Application/Frontend/Assets/dist/smartslider-frontend.min.js?ver=e122aaff HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 16:37:43 GMT
Accept-Ranges: bytes
Content-Length: 113421
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   113421
Md5:    0db52f45ea67351a5732dc1a7309cfb3
Sha1:   e2a41b3763efdf7c163a277607a2e33ad36b9070
Sha256: 5a55c7583554a375aa286b90983650c12f1c100300ebe09c5ffa9351fba8247f
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:18 GMT
Server: Apache
Last-Modified: Wed, 21 Jul 2021 07:53:04 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89521
Md5:    02dd5d04add4759122013c5ab4dc5cc2
Sha1:   a45a56e396ac549b4ff39b696ce9e0c16a7612de
Sha256: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.10.6 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Sat, 04 Sep 2021 09:17:50 GMT
Accept-Ranges: bytes
Content-Length: 8509
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (6260)
Size:   8509
Md5:    04207c24a63069dd1328d4e415fa70aa
Sha1:   807d20a9492e8dda4ae9ea2129aa5e56c761d5a8
Sha256: bffafb30adf0c09bfbf909eaa779391296499123dc3d90e429056ec896b2ebb9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.10.6 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Sat, 04 Sep 2021 09:17:50 GMT
Accept-Ranges: bytes
Content-Length: 1343
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1343
Md5:    d71b75b2327258b1d01d50590c1f67ca
Sha1:   b7820e4ffb6becc133c48f66d9f683545530b959
Sha256: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Wed, 13 Jul 2022 04:31:17 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   88932
Md5:    b7915926fe42d76e9c802353ab01dae4
Sha1:   3a8192a4312f25f53de25b100d62829c0f14d67c
Sha256: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
                                        
                                            GET /wp-content/uploads/2021/05/target.png HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 11:49:44 GMT
Accept-Ranges: bytes
Content-Length: 48518
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   48518
Md5:    a4fb72fd9491043a40f860b670049075
Sha1:   56751d32ca6b1ac13a1c2e13c298b776cd85c8dd
Sha256: 279399337684ba8daf18d02a219446b559797c439c52d04858c118d76a3ee15a
                                        
                                            GET /css?display=swap&family=Nunito+Sans%3A300%2C400 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 05:49:18 GMT
date: Wed, 07 Sep 2022 05:49:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   30968
Md5:    3763cb86ed13d75e6f1647b7b6c8a90b
Sha1:   0118d80d552e892e7a6375227166fda6e2362ddc
Sha256: 05f712027c2c3b0ad1322d1d99208c9d4400c4e5a997298e1d674e48f2ea9695
                                        
                                            GET /wp-content/uploads/2021/05/vision-1.png HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 11:49:45 GMT
Accept-Ranges: bytes
Content-Length: 37562
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   37562
Md5:    76a5cbfe8a81244490891c52f09fe3f6
Sha1:   1374f81b0a7234fa20cd5e3f07726049b5d7ef28
Sha256: d84f248ff817fd042521f2eb5533e3baeaa9721819bf97ebbd8239d65f4b3716
                                        
                                            GET /wp-content/uploads/2021/05/goal.png HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 11:49:46 GMT
Accept-Ranges: bytes
Content-Length: 19398
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   19398
Md5:    50e0c5dd92e0afb0d29f749e17bd7c95
Sha1:   09b377c0f47fd63379bfb40f286995f3ff8aa0ff
Sha256: 4f236bb04a3d8505d7077885daf3a4c3db82b686d4311cf0331c48cade177f92
                                        
                                            GET /wp-content/uploads/2021/01/donation-bg-1.jpg HTTP/1.1 
Host: budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Thu, 28 Jan 2021 11:13:12 GMT
Accept-Ranges: bytes
Content-Length: 29355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 579x432, components 3\012- data
Size:   29355
Md5:    6ef19366ac59af0a949184be031a89ab
Sha1:   e548c128b55b66b499e4498ec475778f906a7748
Sha256: edb8aa310ee114cc51c3af3e6ea5dcc458ab2b1d29ee7b8cc223d82a75850ee4
                                        
                                            GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: font/ttf
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Sat, 04 Sep 2021 09:17:50 GMT
Accept-Ranges: bytes
Content-Length: 92400
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, modules \012- data
Size:   92400
Md5:    de27b3e66b2f8017e000aa9d8d24d60e
Sha1:   e6d716de8f35ba6daf55d57e7fe0ed8d8e50f1f7
Sha256: d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.10.6 HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Sat, 04 Sep 2021 09:17:50 GMT
Accept-Ranges: bytes
Content-Length: 254120
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65467)
Size:   254120
Md5:    6dccdfa396d10e4b7d5eb063c09f7667
Sha1:   06615458622f35de3c1e0f14a757718a5ad39fd9
Sha256: 56f6ba9d3f7eb3d795c335af2320b0504d48c6d4cc8f0a0ffa27b9249df182ac

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2021/05/New-logo.jpeg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Sat, 29 May 2021 06:59:26 GMT
Accept-Ranges: bytes
Content-Length: 12319
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 176x148, components 3\012- data
Size:   12319
Md5:    74d5f84657f40308fe5ecc1d53a76f39
Sha1:   b3922d6f6e04fd2282c18df105034dd1d2744cda
Sha256: c3a39f88d7377a933ce5f6b9db02d8fc6d9aebe49ffb7a0f9290e0166a55b149

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2021/05/Environment-Awareness-Program.jpg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 12:00:27 GMT
Accept-Ranges: bytes
Content-Length: 59163
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x426, components 3\012- data
Size:   59163
Md5:    80c5b95f52e29e375931faf17d9ee2ec
Sha1:   937725f72866fa053f74a9f4e165b8eab5764e8b
Sha256: fd12745fb65e8b129332d194ff8df75603250cdaa32e3637706b3bca1c509a5d
                                        
                                            GET /wp-content/uploads/2021/05/bg-img-3-1.jpg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/wp-content/et-cache/7/et-core-unified-deferred-7.min.css?ver=1662445269
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Tue, 11 May 2021 07:35:08 GMT
Accept-Ranges: bytes
Content-Length: 569
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 9x7, components 3\012- data
Size:   569
Md5:    eb99cb8b5a57ed560767b34f58673e6b
Sha1:   a17c440a48d53db78abfeeee49c93906db25baea
Sha256: 062d0beb7a5a07aafd1cbae10513834c81b52d0d2445f9bb903e40e093fd1bd7
                                        
                                            GET /wp-content/uploads/2021/04/floral-design-variant-border-2-300x109-1.png HTTP/1.1 
Host: budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Thu, 01 Apr 2021 04:16:38 GMT
Accept-Ranges: bytes
Content-Length: 17552
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 512 x 186, 8-bit/color RGBA, non-interlaced\012- data
Size:   17552
Md5:    33180ae2416e4836ad7f8d2772816c76
Sha1:   42ef0e15f05bc84714e8116ecbc992ec4fc79010
Sha256: 6d4ab755ee50b674b144591161fd5f6478e4d26808c9441980b10faaf5d171b5
                                        
                                            GET /wp-content/uploads/2021/05/hands-4114905_960_720.jpg HTTP/1.1 
Host: budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:19 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 12:09:04 GMT
Accept-Ranges: bytes
Content-Length: 188840
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, manufacturer=Canon, model=Canon EOS 6D], baseline, precision 8, 960x640, components 3\012- data
Size:   188840
Md5:    7b7d9a65f51106e7385ba4689af64680
Sha1:   cbae2119c5f6ce9f8ab9f93633e225524b972367
Sha256: 3850dc05d3c2c8810a16b3609e73ebf85dc99d9de4c15c691f8610fc30e28417
                                        
                                            GET /wp-content/uploads/2021/05/cropped-New-logo-32x32.jpeg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:20 GMT
Server: Apache
Last-Modified: Sat, 29 May 2021 07:24:53 GMT
Accept-Ranges: bytes
Content-Length: 1009
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 32x32, components 3\012- data
Size:   1009
Md5:    383e2623e05e0ac67848777651bd8a87
Sha1:   07ea686bc3cdd0174dfa1eb1e7f91f12d87aac93
Sha256: 71825b7a1696ba271333adc427a9bb499262b916e3e7b3b7941176adf7c478bd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2021/05/cropped-New-logo-192x192.jpeg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:20 GMT
Server: Apache
Last-Modified: Sat, 29 May 2021 07:24:51 GMT
Accept-Ranges: bytes
Content-Length: 9106
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 192x192, components 3\012- data
Size:   9106
Md5:    b06cdd01c0ec662865d5a51f75ca0dd4
Sha1:   0ee334898dcb6f7f49c1698ad133f08a575d8ce3
Sha256: 42a122676a3fa674d1f26b6b66324937c5c5541fafd4dea711118c223d666c6e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2021/05/document-2178656_1280.jpg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:20 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 12:10:19 GMT
Accept-Ranges: bytes
Content-Length: 125015
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1280x853, components 3\012- data
Size:   125015
Md5:    85cd18f0a587e0aa3d68de078bd9f9a8
Sha1:   311a113c70831f04584928d5c037d490e02383d1
Sha256: b0bdc0ddbdfae7863b325bb84f1cde18d3dc2e445068e05281fdb6640206a9aa
                                        
                                            GET /wp-content/uploads/2021/05/Women-Empowerment.jpeg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:20 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 12:00:55 GMT
Accept-Ranges: bytes
Content-Length: 84306
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x426, components 3\012- data
Size:   84306
Md5:    3cbd42018355052025e744662aff5197
Sha1:   d8900843f67127a2927411e317209318a00fcd76
Sha256: 6392a19d8aa0345e41dd666da19a2a4d42905732d2146897fbe2dd8a4889cb01

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2021/05/hands-4114905_960_720.jpg HTTP/1.1 
Host: www.budhibamanfoundation.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Cookie: CZKuAe=Y%5D.hqD43bwdJs0L; HUGMcej=%2A0h_kGOPm%5DX
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         103.171.44.193
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 07 Sep 2022 05:49:20 GMT
Server: Apache
Last-Modified: Mon, 10 May 2021 12:09:04 GMT
Accept-Ranges: bytes
Content-Length: 188840
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, manufacturer=Canon, model=Canon EOS 6D], baseline, precision 8, 960x640, components 3\012- data
Size:   188840
Md5:    7b7d9a65f51106e7385ba4689af64680
Sha1:   cbae2119c5f6ce9f8ab9f93633e225524b972367
Sha256: 3850dc05d3c2c8810a16b3609e73ebf85dc99d9de4c15c691f8610fc30e28417
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06ecbe48-320f-4519-b483-d18aef3d2553.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9979
x-amzn-requestid: dd8213ad-743d-4427-b71b-b149394fc69b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X-FSLFLXIAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63158274-31ee142e3fec71c16a5221f0;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 05:00:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GkJqu6f6Jrh3zDUi0D0DRNENK7wnNyztFsn7EXdpXjI9yWDPrj8fhA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:11 GMT
age: 28812
etag: "0982f165e38844efca891ed93a50bdd7207e0a0b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9979
Md5:    f0408a050e5a372bd7779e85c795657c
Sha1:   0982f165e38844efca891ed93a50bdd7207e0a0b
Sha256: 9edf3e51b6d968619b4996b478e66a10dc44df3e1d4eeeb72b414fa3cc7a422f
                                        
GET /releases/v5.12.0/css/fontawesome.css?ver=6.0.2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.budhibamanfoundation.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.67.169.247
HTTP/2 200 OK
content-type: text/css
date: Wed, 07 Sep 2022 05:49:17 GMT
x-amz-id-2: QBvCkI5CPG2Ep6BZ3MiMR0D5sadrWzG+TjjsnKwhE58P8DQBtwzDw1yFAcXRo9Sq0puVJNp3XBA=
x-amz-request-id: BCVDMYHFXK8VDB2E
last-modified: Wed, 30 Jun 2021 15:37:54 GMT
etag: W/"fc6ece0b999d414f53c25c3999397fee"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 642117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Jme%2BuR2P7w%2BVWFf%2BWSEgpYLFdHPnZaM8Ab%2B1xEAE4JGK5dZFlQQZBItRtmDyl82Uva8kLE%2FGP3HiovRi7w0xHpdAQBbncjFlb%2FuJ6NhkZuv9YaJHY7vwYZ0lXU1NSJYfssKi9kU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746d29055cabb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---