r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6562
Expires: Sat, 03 Dec 2022 05:48:52 GMT
Date: Sat, 03 Dec 2022 03:59:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:30 GMT
Etag: "6389d3f3-1d7"
Last-Modified: Sat, 03 Dec 2022 03:52:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5464
Expires: Sat, 03 Dec 2022 05:30:34 GMT
Date: Sat, 03 Dec 2022 03:59:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 03:19:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2372
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e5a/MO5BVBZMo/vCZqwajm9NDAy5QmHCQ+sU8QANjoNyt4T5La8/2vbfWnZ965t2AUidXMGz25rgB/bKZA/fBQ==
x-amz-request-id: JV4KJXHQJ2CYCTSN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 03:46:58 GMT
age: 752
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
137.63.144.2301 Moved Permanently 286 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
IP 137.63.144.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 730358d312ddbf5dabdf40f55f0e9e97
bf3b223666385f151bf12eb5795698de82f01a0d
938906f6bb8949e51c07d28655521064dcf2442c5ef843e283ff934d0c5a3347
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/suavizar/login/mkbnetbankar/login.php HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 03:59:30 GMT
Server: Apache
Location: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Content-Length: 286
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 03:59:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 03:08:58 GMT
cache-control: public,max-age=3600
age: 3033
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f0f143d36b86df335d9a8dc7d1225a31
116e5d368ac7a480f6ace88a4a5eae35edac2304
37cfef10940da2971ea495325d8db7f22b3c49e6bf3636e7fab9f6148fae4288
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37CFEF10940DA2971EA495325D8DB7F22B3C49E6BF3636E7FAB9F6148FAE4288"
Last-Modified: Thu, 01 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Sat, 03 Dec 2022 09:59:14 GMT
Date: Sat, 03 Dec 2022 03:59:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 444
Cache-Control: max-age=105287
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:31 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:14:18 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vT11MhIAr+N7XvSyAjprRw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: smUn5GW4NyLKgYs74tlnhrq/dsY=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Sat, 03 Dec 2022 04:40:33 GMT
Date: Sat, 03 Dec 2022 03:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Sat, 03 Dec 2022 04:40:33 GMT
Date: Sat, 03 Dec 2022 03:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2461
Expires: Sat, 03 Dec 2022 04:40:33 GMT
Date: Sat, 03 Dec 2022 03:59:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fea74a471d9b45d94402298988d827
11dbe272c75ad8dda9fe66062f761ad0a978c350
ddcf2de56e0fa45e50b45bb021a7b212ddf1ba5a108a849df04ad109809913bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b481c9e-a8af-468b-b839-a5948a749564.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4996
x-amzn-requestid: ac93701b-5591-447b-abcd-6dd7c8236d63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1EmIoAMFUyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-62984f247ab5233275eefc7f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vGYoBLRpnjjxEKkZe8ZJKTn-fPpiKwyvQqUUujW3Ro0cO2R__q-OAg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
age: 22205
etag: "11dbe272c75ad8dda9fe66062f761ad0a978c350"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:43:28 GMT
age: 15364
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94556ef834fbd97092ea3e546fece90d
3f75442d8577c6272b9a3fdf2c5d1305c5e02703
0e49c3b246f4f999404e408e5326c636584f18ddaeec4ff50ffdd74ad48b9dd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10454
x-amzn-requestid: 3c95e941-d127-43a5-a338-7fff4e751367
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfcG82IAMF2JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f95-4dde51fa769890d057216cfa;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9SmDwSJvrZtLjFHfJaAyU400NiFVaBvpQhBGte0ghHYwc2UGj-rT6g==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:46:19 GMT
age: 69193
etag: "3f75442d8577c6272b9a3fdf2c5d1305c5e02703"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a483cb4f5948987ff2fa6be8d8f3c4ab
3b36c020f5fc38693ac159e5747518a3234ba8cc
a1c33278142371a168ca50aff0c5dc887461a9c83251e397d45c957c7cf788e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a2ea57-9c46-4205-a91a-a39e992ffe29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6042
x-amzn-requestid: f28e5f64-3737-455c-accc-86a37dfef4b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPeXHUKoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f8e-20a6aba25e200ff41c6dab91;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bLltF1-sTeAt9wHZVQTsbPQRRw8yteYRgK9XPUmhO3jMLcywS_bYDQ==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:29:46 GMT
age: 77386
etag: "3b36c020f5fc38693ac159e5747518a3234ba8cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac15b0561874b0e98a14d037e06dc444
38197764b12e149806126e8a187b0571630d5b26
b4e8ca67dc3e119e2a41d1a362641a1354d5ef68ad18eaa4383e82d38d3c0399
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7216286-96f7-46a8-9738-52007e2fafb6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8169
x-amzn-requestid: a3054dff-b0dd-43cb-ade7-7ec1df6e672f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPWH4DoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2e-788f6fdd1a5e024259e58d80;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iZ_LKVuzrzJhdZsN8aG3wj7mtI2Bcx490Jx8g6KJ_nSMBgBFwIiXQw==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:08 GMT
age: 22104
etag: "38197764b12e149806126e8a187b0571630d5b26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 22205
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
137.63.144.2404 Not Found 42 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
IP 137.63.144.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1911), with CRLF, LF line terminators
Hash 857720c7c66d5a80d7efaf86659112d2
c3e7815844285d348694b491f180e81542e797dc
3b8b0ff65582f379e2ad616071ab442413bc21715a6cead46d622a7c062daa4e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/suavizar/login/mkbnetbankar/login.php HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 03:59:31 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r; path=/
Pragma: no-cache
Link: <https://rif.mak.ac.ug/wp-json/>; rel="https://api.w.org/"
X-TEC-API-VERSION: v1
X-TEC-API-ROOT: https://rif.mak.ac.ug/wp-json/tribe/events/v1/
X-TEC-API-ORIGIN: https://rif.mak.ac.ug
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400,500
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500
IP 142.250.74.106:0
Hash 4eaa28d9151e4e34153d19b3605cfc00
bf32fc85096ad7310f10d5212a7be2adf951ff48
9cbe61f43ec3a4b53507fece36a9d9ae52e8c4958a1174d04147e5a66e6ee968
GET /css?family=Roboto:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 03:59:33 GMT
date: Sat, 03 Dec 2022 03:59:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-F041G50W6C
142.250.74.40200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F041G50W6C
IP 142.250.74.40:0
File type ASCII text, with very long lines (20080)
Hash c97bec1a1b4722b9f23abbb304c1621a
ff98a637d3ab733b79d70e1c04399f01fc3ad23e
6197018115ef9a2b804cea5e0dc211838f2937eb7474ebeabceb77fb26260193
GET /gtag/js?id=G-F041G50W6C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 03:59:33 GMT
expires: Sat, 03 Dec 2022 03:59:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8
137.63.144.2200 OK 16 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash c6efcd93a4cca2bebf58de385f65ca80
172f3dcd8fe44ed28d77c9996f376f998c85dd38
b1c9554ecb00cdeff91028b6df899fe66a69b51c6001a95133a07558b37495da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 08:48:05 GMT
ETag: "3d13-5a0cca5057d87"
Accept-Ranges: bytes
Content-Length: 15635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1
137.63.144.2200 OK 1.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (1634), with no line terminators
Hash 5f209d26ccda9892a1fa030b3062a59d
7d6522a7107d3e8d60e37740f2f91844be48689b
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:09:00 GMT
ETag: "662-5b5779816e0ae"
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2
137.63.144.2200 OK 1.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1939), with no line terminators
Hash 80145dc9e4908a34d14ca5a87d33c6d7
45524ba47da72574c224ed819104e4ce251b3cd6
45f461bf78813a1ee5c3a025b6b9bf83f9c78da98390f7208826dbd64573ec10
GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "793-59cb3e43e5aab"
Accept-Ranges: bytes
Content-Length: 1939
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1670039971
142.250.74.106200 OK 1.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1670039971
IP 142.250.74.106:0
Hash 0210a949e6b6f6083830de59c60ac01a
d1e8038e4a0559569849b171cc0bbde657b03a62
476712cc4090cb15820fe60d5c432ff67d7589c9d4cdabde792e6925059fb842
GET /css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1670039971 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 03:59:33 GMT
date: Sat, 03 Dec 2022 03:59:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2
137.63.144.2200 OK 5.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1146), with CRLF line terminators
Hash 8d517df24eb8309c995b98404b5845f6
7f63d83fc86dc430e7c30026a313d1ca6b53ae4c
11df23d06c2fdaab8008791b75abea58621728637c7c4b00cb9d1117584400df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "15ca-5d54dff31d0a6"
Accept-Ranges: bytes
Content-Length: 5578
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1
137.63.144.2200 OK 27 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (26843), with no line terminators
Hash 243eb3ecefba8d3f5e9bcc9ba2e2d743
39a83a22e3ebac8ca17e414e6f069ddc442a07d3
7c6d3da39b43a0322a762fd047157070ae066272f31a9863b39152bfb102b273
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:09:00 GMT
ETag: "68db-5b5779816dcc6"
Accept-Ranges: bytes
Content-Length: 26843
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
137.63.144.2200 OK 1.7 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
IP 137.63.144.2:0
Hash 8983e25a91f5c9981fb973bdbe189d33
30cd5e3a1f0cd121cfd1893b3c078b89ecba3f9c
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Fri, 20 Mar 2020 07:25:05 GMT
ETag: "6d2-5a1442f35e87b"
Accept-Ranges: bytes
Content-Length: 1746
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
137.63.144.2200 OK 42 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (41467), with no line terminators
Hash 9eeddc51b0b4a2580a959042d50f826e
e42006973f24baf82c96ee3ae594eedfa1719f82
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "a1fb-59cb3e43e5aab"
Accept-Ranges: bytes
Content-Length: 41467
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2
137.63.144.2200 OK 8.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2
IP 137.63.144.2:0
Hash 6e22824fb51ac8dc8b33ec0bc75f3412
42eed8ac9886accf13d99d616356e3d0bc681fc4
5f893bb95c126000ea6836ce2b92c4fd43a17bc62ca32a6f3f77f8f67584503a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:06:04 GMT
ETag: "2150-5b5778d93cf39"
Accept-Ranges: bytes
Content-Length: 8528
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2
137.63.144.2200 OK 19 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2
IP 137.63.144.2:0
Hash 03566d33926ecd53e5a06232492fe13c
692019f870d23884d9868f8038326fc46403a5d9
df67f156612b6329078b52d0d790bba08e7885b7320bc8d9a0fa80f5670adc47
GET /wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 15:44:50 GMT
ETag: "4b89-5a06de2371e21"
Accept-Ranges: bytes
Content-Length: 19337
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8
137.63.144.2200 OK 46 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8
IP 137.63.144.2:0
File type ASCII text, with very long lines (317)
Hash c33e55a3e79984d24f3309545701cb1b
f86033f1ec21a3b20803a290318a9e7c4caa1de4
df583a3e1a03dd7122c020eea80b2747d9553e4161c22bfe112ff406f9e9b7dc
GET /wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 08:48:05 GMT
ETag: "b425-5a0cca5057d87"
Accept-Ranges: bytes
Content-Length: 46117
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
137.63.144.2200 OK 5.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (5871), with no line terminators
Hash 17a42baaae8926c5f8df316b9a3db617
4cd76dc34f8e2f31952b99db1b3b29f404d2996c
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 16:02:05 GMT
ETag: "16ef-5a06e1fe6c3eb"
Accept-Ranges: bytes
Content-Length: 5871
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
137.63.144.2200 OK 118 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (117772 bytes)
Hash 57d175c50adce0f293d975f4e2771f8f
fae18070c3edfb714081edcec6e33ac4e5e90503
851c7de0c776256e8ef9e62ebb510c4ac1ef9f7fc78dcc014c77bbea83786743
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "1cc0c-5b57784b63954"
Accept-Ranges: bytes
Content-Length: 117772
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
137.63.144.2200 OK 31 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:02:28 GMT
ETag: "7917-5b57780b3fbbc"
Accept-Ranges: bytes
Content-Length: 30999
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1670039971
137.63.144.2200 OK 17 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1670039971
IP 137.63.144.2:0
Hash 83275cd4aeaa3131bf07a012983efb76
a9e19cb375bd0a0bf118796bfbc4f0441c5d802a
de00e784dae37086c9269b2fdd7204bff5d41ef3040328ace9a38f616b593dde
GET /wp-content/themes/digiqole/assets/css/icon-font.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "416c-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 16748
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dashicons.min.css?ver=5.3.2
137.63.144.2200 OK 48 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dashicons.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (47523)
Hash c8956481e00463f838b45364f45756df
256d7293ac07bb9b43a9757ba11057cad148818c
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
GET /wp-includes/css/dashicons.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "b9c6-59cb3e43e5e93"
Accept-Ranges: bytes
Content-Length: 47558
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/animate.css?ver=1670039971
137.63.144.2200 OK 24 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/animate.css?ver=1670039971
IP 137.63.144.2:0
Hash ef07eb63e3d54fcef0fe398abf4fdace
acbaa5775aa754ec7d4feca4eab63e1f587ce715
c4c6695d2db9b640a6ece790b2961c3157cc740662e9337869c5a26e5487feca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/animate.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "5d28-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 23848
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1670039971
137.63.144.2200 OK 8.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1670039971
IP 137.63.144.2:0
Hash fdd21658e6611d0a656a3be8cb66054c
922d4fe7f98aa4d30e7212b73e1f2c94cface4b0
a726e517a12addb48c0030f9e595a0a6412050ce1673d43bba7709a45aa8a8aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "2167-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 8551
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1670039971
137.63.144.2200 OK 2.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (2846)
Hash de0dfbabe627afa1b718d848b6b58e97
73d8a692734089983b00005d99ef8e5e5b0dadeb
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "b78-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 2936
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1670039971
137.63.144.2200 OK 1.0 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (846)
Hash 594b81805a98b267e47c70a8fad30d9f
684d84ec40b305ca14efc88c91f12972cb6342b4
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
GET /wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "3f5-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 1013
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3
137.63.144.2200 OK 251 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 251 kB (251187 bytes)
Hash a2694a0bd894090949de0b952b47d4f9
ae22b3651974712e76ea65582b97a144d029dda1
f7088fa78690fe80377c0954b92635912868e876d1b6098d6b31f0d6ae2a95cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:33 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "3d533-5b57787118842"
Accept-Ranges: bytes
Content-Length: 251187
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1670039971
137.63.144.2200 OK 6.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1670039971
IP 137.63.144.2:0
Hash 77a86369cb3f1547c0f4eb96f5ffa4cc
6cac11684a73a837b4c66de0d12723644fb4b84d
5f443d62bda0cf802312ae87b617a0b46447b35ac770e7d0df866e1196d462b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "1937-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 6455
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1670039971
137.63.144.2200 OK 54 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1670039971
IP 137.63.144.2:0
Hash 77d0c92e92f34d1257252fd4be039116
29875998aba85af131a8fecc10ded5ac1d69f609
5879a94b1b727b7ede08cffd69d13d79c663e7de221027d75b64832c9bf0d5c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "d14f-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 53583
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1670039971
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (432)
Hash d940186729052f99506538117967bb64
1bb339abea3b2d8de3735c7c5a603a24b1e5c598
ecb47cf8d19149540a5b5593aad4a46199051ab5f307c5c23bde277dfe55d5b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "6d9c-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 28060
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1670039971
137.63.144.2200 OK 145 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (65325)
Size 145 kB (144877 bytes)
Hash 450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "235ed-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 144877
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/blog.css?ver=1670039971
137.63.144.2200 OK 20 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/blog.css?ver=1670039971
IP 137.63.144.2:0
Hash efdc8ce96b5ff7cc0ae2cb3b49970acf
dfeebb7b08548c3531a9d7867d4d971b6af8dc68
c3422004ce1285d7b6237041a8f9be028ccda40f4c681e2e360797dbeba94ba1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/blog.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4f67-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 20327
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2
137.63.144.2200 OK 43 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash d91f3cef00a21c1f34e9ec59d0e57283
76a0273ba69ca7a499a0578f0d63eba8e7aabb5d
abbff281326efaaf147ef1fd2ad7bdf23c69073fb7e826b9c41cac1ebd27332e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:01:36 GMT
ETag: "2b-5b5777d94faa0"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
137.63.144.2200 OK 97 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 137.63.144.2:0
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "17a69-59cb3e43e433b"
Accept-Ranges: bytes
Content-Length: 96873
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2
137.63.144.2200 OK 1.8 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2
IP 137.63.144.2:0
Hash 953aef0cf9ee8fb1f07d304f3cf4c0dd
60d2fec7b069a73b2f34a78662eb7165400c95a3
2931bc0b780acd6d3cd2fc6cea2492ee55703ccc3bc0b8f866d0c371e5f4bd2e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 15:44:50 GMT
ETag: "6f3-5a06de2372209"
Accept-Ranges: bytes
Content-Length: 1779
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
137.63.144.2200 OK 10 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "2748-59cb3e43e433b"
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
137.63.144.2200 OK 14 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP 137.63.144.2:0
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Fri, 20 Mar 2020 07:25:05 GMT
ETag: "3868-5a1442f35f04b"
Accept-Ranges: bytes
Content-Length: 14440
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2
137.63.144.2200 OK 6.4 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (6226)
Hash c0c5e34bbe8095cb5173dc77ae2e36a8
3091570090d44faf045deaa1a91d27d13803e0e5
a64f1976c04df67406f792945f8171c91a44498eeb6b06239b22b1c416370437
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "1918-5d54dff31d48e"
Accept-Ranges: bytes
Content-Length: 6424
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10
137.63.144.2200 OK 344 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10
IP 137.63.144.2:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 344 kB (343805 bytes)
Hash dac31169b5d033b049af2d107c81f0f6
68dde13066c786c6085c5377320d9988c6dd6947
256777f442a1ac7caba081909e82012367031079583494f2c82fae1f972991b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "53efd-5b57784b73355"
Accept-Ranges: bytes
Content-Length: 343805
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2
137.63.144.2200 OK 2.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash f9341a7fadb42d823e89288af1efce90
e57b4060013e9d5bc1f98670b99208ea48c8a289
db71ca026f0fe23da093b81b732f0fe9062bacaa90fde9dce5bef7f1e7e03c15
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "9b5-5d54dff31d48e"
Accept-Ranges: bytes
Content-Length: 2485
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0
137.63.144.2200 OK 3.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (3504)
Hash bd5ce81bfb5b4f3e2ac487ac65f4daf8
514dc1ea30ea9e4b84a55a689ba1f2c0fa7335c3
280df42702ec950d12b698c40b45c507fc362089f53eb8376d3152dc1d5898dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "dfa-5b577871197e2"
Accept-Ranges: bytes
Content-Length: 3578
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2
IP 137.63.144.2:0
Hash 54b2ba4e65cd4cfa7569a75fdd68f71d
a40d4940a2296a0f95f97705a0b9b5e3cfe5136d
ecb16ea1a740d524b507e3fc75e14556877ec2d3886b2f8e0b2ec9704b3fc36b
GET /wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:06:04 GMT
ETag: "6e15-5b5778d93e6a9"
Accept-Ranges: bytes
Content-Length: 28181
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10
137.63.144.2200 OK 38 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with no line terminators
Hash ee9d2c70ab0a5f44eb2df422198a07b9
abc45613f773509b869e78a42a817d9e09da8bce
25bf40064888964eb06e0980211b378b28d210737786e3d10546da7013398899
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "26-5b57784b60a74"
Accept-Ranges: bytes
Content-Length: 38
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=1670039971
137.63.144.2200 OK 49 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (48664)
Hash 14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "bf30-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 48944
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900
142.250.74.106200 OK 20 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900
IP 142.250.74.106:0
Hash 82956503a9b646f25ca09e33f6b24ccd
6eac3b87e79e72a249373951d3610800622da4d3
df52151b92c1b76ad9bb6cbb87a9f64cf42d72a2b3d3f7f498e7cbebf639e120
GET /css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 03:59:33 GMT
date: Sat, 03 Dec 2022 03:59:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.10
137.63.144.2200 OK 142 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (141673 bytes)
Hash 9fff04bb5f2fe04a632138726c6250ba
f878080146c719281536c2724e674115165a4752
249fbe7be293e12a910e2728f9357d55695e000bfdade802859eece191dcf5a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "22969-5b57784b7567d"
Accept-Ranges: bytes
Content-Length: 141673
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/master.css?ver=1670039971
137.63.144.2200 OK 169 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/master.css?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (504)
Size 169 kB (169405 bytes)
Hash 00837687097a8deddd4dc8552e4e1f3c
6407a74d5d60d97ae75633b4862bb3c53ab64722
551f80eefa1d10922a57c6997ab2f97904c1b7478be225da944c44b54602d64e
GET /wp-content/themes/digiqole/assets/css/master.css?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "295bd-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 169405
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (28035), with no line terminators
Hash 5bf41e8704f9c1e250182eb6f8ff8212
c716565c820ecb6593f387554ed285c973654870
34d36ff0aafe4dd8d250a7d1d67bac7e5c7f4f28aa3c8db91d0ec0e649eb9dac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:34 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "6d83-5b57784b73355"
Accept-Ranges: bytes
Content-Length: 28035
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 203142
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 203121
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1670039971
137.63.144.2200 OK 964 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (964), with no line terminators
Hash 51abc4b947baae5e46545f0f0ada7eb4
348f8638545bf38e9f319652939bb0c9280d4501
94a8d6d2593de2028174575095e9fdf58a65aecbb4257c021bf11bb882e0254e
GET /wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "3c4-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 964
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Hash c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:53:48 GMT
expires: Sat, 02 Dec 2023 06:53:48 GMT
cache-control: public, max-age=31536000
age: 75948
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1670039971
137.63.144.2200 OK 20 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (20087)
Hash ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4ef8-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 20216
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1670039971
137.63.144.2200 OK 4.0 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (3765)
Hash eac43429f465cc28ab77b033b7e0686e
add547d05e8c9ce8d3ddab731a133421416bb30b
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444
GET /wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "f96-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 3990
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2
137.63.144.2200 OK 37 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (37054), with no line terminators
Hash 0cfbff3b001f601bec2937518e73a321
24d39cb83535eca8899993996c2e65dd0316135e
af51d2ee1c2757427220da779db814760be6fb92590b01436c2b46c706116469
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "90be-5b57784b7567d"
Accept-Ranges: bytes
Content-Length: 37054
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/script.js?ver=1670039971
137.63.144.2200 OK 13 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/script.js?ver=1670039971
IP 137.63.144.2:0
Hash c846202915c15c3542cd337a3428cbae
6c449485eda989e1c572b778ffd2c55357b604be
4f0e911454dbb139072c660bb5cd6dcfaf745c6f1c8607a8144d7a6fee1c1218
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/script.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "317f-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 12671
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/wp-embed.min.js?ver=5.3.2
137.63.144.2200 OK 1.4 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/wp-embed.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1399), with no line terminators
Hash 04133d37cfd0f08267530b905a5ffff3
6eb207e57c92ee341f57998cb191e5c9dc4fc738
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
GET /wp-includes/js/wp-embed.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "577-59cb3e43e3b6b"
Accept-Ranges: bytes
Content-Length: 1399
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5
137.63.144.2200 OK 6.8 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5
IP 137.63.144.2:0
File type ASCII text, with very long lines (6727)
Hash 0f00149954d5420af7b22c1fa979a663
68f65a314a8f3e40945bd2fde054e74ab3f3d649
e42d4d1224ddfc10b3953543711bdbfa58ca8beb3732a5456c1bfc1e4687dc16
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 13:47:50 GMT
ETag: "1a6e-5a0d0d4f601c3"
Accept-Ranges: bytes
Content-Length: 6766
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1670039971
137.63.144.2200 OK 45 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (32011)
Hash 7d039583fef369577e9161d12c8c6ba2
15430bc876026d813c21e03a7a72ab4d6dcfe31a
c81b01b32b51fc61a3818d12e051effc099374c7436ff0146ed76fe1d0bbfa09
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "ae4d-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 44621
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
region1.google-analytics.com/g/collect?v=2&tid=G-F041G50W6C>m=2oebu0&_p=1537489418&cid=969150996.1670039974&ul=en-us&sr=1280x1024&_s=1&sid=1670039974&sct=1&seg=0&dl=https%3A%2F%2Frif.mak.ac.ug%2Fwp-content%2Fplugins%2Fsuavizar%2Flogin%2Fmkbnetbankar%2Flogin.php&dt=Page%20not%20found%20%E2%80%93%20Research%20and%20Innovations%20Fund&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-F041G50W6C>m=2oebu0&_p=1537489418&cid=969150996.1670039974&ul=en-us&sr=1280x1024&_s=1&sid=1670039974&sct=1&seg=0&dl=https%3A%2F%2Frif.mak.ac.ug%2Fwp-content%2Fplugins%2Fsuavizar%2Flogin%2Fmkbnetbankar%2Flogin.php&dt=Page%20not%20found%20%E2%80%93%20Research%20and%20Innovations%20Fund&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F041G50W6C>m=2oebu0&_p=1537489418&cid=969150996.1670039974&ul=en-us&sr=1280x1024&_s=1&sid=1670039974&sct=1&seg=0&dl=https%3A%2F%2Frif.mak.ac.ug%2Fwp-content%2Fplugins%2Fsuavizar%2Flogin%2Fmkbnetbankar%2Flogin.php&dt=Page%20not%20found%20%E2%80%93%20Research%20and%20Innovations%20Fund&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rif.mak.ac.ug
date: Sat, 03 Dec 2022 03:59:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3
137.63.144.2200 OK 559 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3
IP 137.63.144.2:0
File type ASCII text, with very long lines (10285)
Size 559 kB (559072 bytes)
Hash 7b41ae0a65d6f8258f1e6ecc6aea3e86
e5e00bcba64246746533f8c3407a22011de8efa8
1ce4e942133b764ef7d8991bd2ac4d9bf9370d52d2d08ca76908b97b5aa5c03d
GET /wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:35 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "887e0-5b57787119bca"
Accept-Ranges: bytes
Content-Length: 559072
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
137.63.144.2200 OK 14 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (10942)
Hash b2bdc6d8dfd107ed138f042d71ad4be2
c0efe12b5d5aecfed04bf625e41dbf7a64008d3c
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:37 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "362a-59cb3e43e2bcb"
Accept-Ranges: bytes
Content-Length: 13866
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1670039971
137.63.144.2200 OK 43 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1670039971
IP 137.63.144.2:0
File type ASCII text, with very long lines (32000)
Hash b7b9c97cd68ec336d01a79d5be48c58d
1a99890b57c9859a622337ed0b2f989d6e30cc0e
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "a70e-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 42766
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1670039971
137.63.144.2200 OK 93 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1670039971
IP 137.63.144.2:0
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash 334f1f87a34c59a498b7d7b74d00a07d
2f04614e11ab6310cd5fbda2df7db42d9e564bbb
0609b067a8f4e38b77182421989b698879141956338daa5c1968c11f87559deb
GET /wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1670039971 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:36 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "16bf0-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 93168
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/fonts/iconfont.ttf?cpfcy1
137.63.144.2200 OK 161 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/fonts/iconfont.ttf?cpfcy1
IP 137.63.144.2:0
File type TrueType Font data, 11 tables, 1st "OS/2", 22 names, Macintosh\012- data
Size 161 kB (160880 bytes)
Hash b5e07b7738d5612605658f4b764b2bbf
0b7cf92c274edde682682a8fc622cf4e2706f7a5
b120808034e44062d12b3805c7dabfebd92f7d25a8b19c342e65d423276e4eb7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/fonts/iconfont.ttf?cpfcy1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1670039971
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:37 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "27470-59cb3e43bf949"
Accept-Ranges: bytes
Content-Length: 160880
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/font-sfnt
rif.mak.ac.ug/wp-content/uploads/2022/03/logo-rif-makerere-1.png
137.63.144.2200 OK 45 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/uploads/2022/03/logo-rif-makerere-1.png
IP 137.63.144.2:0
File type PNG image data, 270 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 80ac4e75144ec5b43650861f73db0bee
ab827fd76a30dd56c25b23f5e1b4f1466efe216a
f18384b4b9869024693db67e9ec4698bb1f1ea6c4a28fe36e85817ddf43f9ee7
GET /wp-content/uploads/2022/03/logo-rif-makerere-1.png HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:37 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2022 11:21:31 GMT
ETag: "ae93-5db59a182fc1d"
Accept-Ranges: bytes
Content-Length: 44691
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
137.63.144.2200 OK 54 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 137.63.144.2:0
File type PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash b0b7a035e1f3240132e2fb5cbe5605fd
7b4f9f0f58ee46c5f79cda93d99ceb493eb05399
170e47999146b41ae8535f6e0f273a32bf4bb7d64c4ab444ad91ed6187cdc290
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:37 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:02:28 GMT
ETag: "12d68-5b57780b40774"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
rif.mak.ac.ug/wp-content/uploads/2020/01/favicon-rif-makerere-150x150.png
137.63.144.2200 OK 33 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/uploads/2020/01/favicon-rif-makerere-150x150.png
IP 137.63.144.2:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash e4b3f424bc5b9350fc08bcf7f49ead67
1b5156be2fe92967ffe12083f7befbb3876a1042
c0617adc64b565f06cb78e3ebd97c737ae129e1710e983eb26705fcb242fc84f
GET /wp-content/uploads/2020/01/favicon-rif-makerere-150x150.png HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r; _ga_F041G50W6C=GS1.1.1670039974.1.0.1670039974.0.0.0; _ga=GA1.1.969150996.1670039974
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:38 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "8252-59cb3e43bbac9"
Accept-Ranges: bytes
Content-Length: 33362
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/fonts/elementskit.woff?y24e1e
137.63.144.2200 OK 443 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/fonts/elementskit.woff?y24e1e
IP 137.63.144.2:0
File type Web Open Font Format, TrueType, length 442864, version 1.0\012- data
Size 443 kB (442864 bytes)
Hash fd4a1534fca171a46ef07ffca631465e
14c7b48fd5e85e3e375f721299da885330e95152
7659fa917839f5a43c0141f18cad5181d379bdb86a5923e15f5167a307107e2f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/modules/controls/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
Cookie: PHPSESSID=80lm9h1b37t1qtpsgeucok314r
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 03:59:37 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "6c1f0-5b57784b63d3c"
Accept-Ranges: bytes
Content-Length: 442864
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/font-woff