r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9420
Expires: Sun, 11 Sep 2022 16:23:36 GMT
Date: Sun, 11 Sep 2022 13:46:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 13:03:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1gLYZ-T3-2sy6ScbDTV90mdYxvzOlXQFwwXtmZCWV-dRdxLrkRFxmQ==
Age: 2579
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tJMYaX75c49tCha_HJvH9S2amJ2YDcYNZqBekVRnUBOdnsMNovOWtA==
age: 23364
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 13:46:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
137.63.144.2301 Moved Permanently 286 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
IP 137.63.144.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 730358d312ddbf5dabdf40f55f0e9e97
bf3b223666385f151bf12eb5795698de82f01a0d
938906f6bb8949e51c07d28655521064dcf2442c5ef843e283ff934d0c5a3347
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/suavizar/login/mkbnetbankar/login.php HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Sep 2022 13:46:36 GMT
Server: Apache
Location: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Content-Length: 286
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 11 Sep 2022 12:56:08 GMT
Cache-Control: max-age=3600
Expires: Sun, 11 Sep 2022 13:16:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TYH0qTnf5IDIPvQc4Bor3PMwSFOiSrRc0Va8AcBLxWT7Tn5ZppDLMQ==
Age: 3029
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:36 GMT
Last-Modified: Sun, 11 Sep 2022 13:07:07 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 94478ab0f607b6343f81a07d4ae83e0a
f146dec10283927394bb31006d11ea603edcd6ec
9d17425562a7ae263a0e06e80a01601e9af39f824a0dae22442fe035131f5c1a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D17425562A7AE263A0E06E80A01601E9AF39F824A0DAE22442FE035131F5C1A"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 19:46:36 GMT
Date: Sun, 11 Sep 2022 13:46:36 GMT
Connection: keep-alive
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jqAXl0F0Mz0yCOHGD6+GcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aCcpAoJnFqEod2qWTkd2tiEMk70=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15637
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 13:46:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15637
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 13:46:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15637
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 13:46:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15637
Expires: Sun, 11 Sep 2022 18:07:15 GMT
Date: Sun, 11 Sep 2022 13:46:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12666d69f9af3ceb23fdfc2100bd3226
c4d17e3ea44ef6dee9819c1586424e5f056f149c
054236a4d1f88a486f48b8f3a8ac01d21ec2179d5b1f3fc9791d0982d07a88a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe41cdec0-ceff-4e9c-88a7-3a5565f1a459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5752
x-amzn-requestid: 622ffff0-1bd5-4eb4-a9ff-eb54c5ae44a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqiFiToAMF0tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-49efdcc572b4fad3543f857d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VKsU4S6tKOso216JLUWn7b1bKDyfruIVukt98JooNCjwaXDT9bkPYQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:02 GMT
age: 57756
etag: "c4d17e3ea44ef6dee9819c1586424e5f056f149c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 22:14:30 GMT
age: 55928
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eee5b4d617dab6f10d7053f5c4f4e98e
6c728c56797ba921e8001919df4d36e56dd37e54
76a53e2c81ec8da2bc469760b2c57098d587c6a36fa70e5b7c743a224a47d362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d72ce1b-951e-4f1f-97b1-db99c399d5f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8171
x-amzn-requestid: a3eb931f-cd71-4738-acb1-4398fc09f453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOa7QGqoIAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c0b7b-2a6ed8ca00a0a0640110cf5d;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:58:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QuUPVSWCQk9z9xI03trHifaWzOi5TqBZHLena93lrxhjlAG1PICKKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 12:19:15 GMT
age: 5243
etag: "6c728c56797ba921e8001919df4d36e56dd37e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mNvNO0HJjZ1zwPKcjfqiVOnCL0CYXc8BPDSFbV6MXVW71IVt-2K3mQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:54 GMT
age: 57584
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1ZoYLM2Mj7teQm-1Dz80IZxKGqzuzAoEiT85R3RldbJwO6iJR-JJA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:44:01 GMT
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
age: 57757
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c65d6ae04a64d9d01439fb4fca3f017
5ce0bc5b075b97639453d67d4f3cea61289b7698
eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16983
x-amzn-requestid: adf7a560-2f6c-41ba-97b2-860515511e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH-CxFp-oAMF9yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631976de-5f4efe0a705012957cf8bbd4;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 05:00:14 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: uoEqiA2HIn5Nbw3RBIqKrCguG-0mLFNBtkB-r3RMitCoJE3fX6wq4w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 05:27:48 GMT
age: 29930
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
137.63.144.2404 Not Found 42 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
IP 137.63.144.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1911), with CRLF, LF line terminators
Hash cbf3288b24729119a6f4211a0ef850a2
8eace791f3b0bb247bd4f7dabfc50b3ab3e9296b
3c5e71a7a96ec46b2f77c20d09557a78a13ecde8c3fabcb34ec83041bfacc4c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/suavizar/login/mkbnetbankar/login.php HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 13:46:36 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2; path=/
Pragma: no-cache
Link: <https://rif.mak.ac.ug/wp-json/>; rel="https://api.w.org/"
X-TEC-API-VERSION: v1
X-TEC-API-ROOT: https://rif.mak.ac.ug/wp-json/tribe/events/v1/
X-TEC-API-ORIGIN: https://rif.mak.ac.ug
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8
137.63.144.2200 OK 16 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash c6efcd93a4cca2bebf58de385f65ca80
172f3dcd8fe44ed28d77c9996f376f998c85dd38
b1c9554ecb00cdeff91028b6df899fe66a69b51c6001a95133a07558b37495da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 08:48:05 GMT
ETag: "3d13-5a0cca5057d87"
Accept-Ranges: bytes
Content-Length: 15635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=G-F041G50W6C
142.250.74.72200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F041G50W6C
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash 72b0133fa7305cf71da42071a059f9cb
d779f73eb8c3728a421da9e75e3230cb936f69e8
f4210cb4fdf3d7959c9a145981852ed73329092568fe953598e2745e9c106f1e
GET /gtag/js?id=G-F041G50W6C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Sep 2022 13:46:41 GMT
expires: Sun, 11 Sep 2022 13:46:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2
137.63.144.2200 OK 1.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1939), with no line terminators
Hash 80145dc9e4908a34d14ca5a87d33c6d7
45524ba47da72574c224ed819104e4ce251b3cd6
45f461bf78813a1ee5c3a025b6b9bf83f9c78da98390f7208826dbd64573ec10
GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "793-59cb3e43e5aab"
Accept-Ranges: bytes
Content-Length: 1939
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1
137.63.144.2200 OK 1.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (1634), with no line terminators
Hash 5f209d26ccda9892a1fa030b3062a59d
7d6522a7107d3e8d60e37740f2f91844be48689b
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:09:00 GMT
ETag: "662-5b5779816e0ae"
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2
137.63.144.2200 OK 5.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1146), with CRLF line terminators
Hash 8d517df24eb8309c995b98404b5845f6
7f63d83fc86dc430e7c30026a313d1ca6b53ae4c
11df23d06c2fdaab8008791b75abea58621728637c7c4b00cb9d1117584400df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "15ca-5d54dff31d0a6"
Accept-Ranges: bytes
Content-Length: 5578
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 57b75ea93de540716c45f1397781431a
431cc2c684385c4e46facd7210b5ac49b9dd09cc
4581d7dd422dc110fa7cfe667297cdb75d92a02ce7226db6db89448befa5b780
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1
137.63.144.2200 OK 27 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (26843), with no line terminators
Hash 243eb3ecefba8d3f5e9bcc9ba2e2d743
39a83a22e3ebac8ca17e414e6f069ddc442a07d3
7c6d3da39b43a0322a762fd047157070ae066272f31a9863b39152bfb102b273
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:09:00 GMT
ETag: "68db-5b5779816dcc6"
Accept-Ranges: bytes
Content-Length: 26843
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
137.63.144.2200 OK 42 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (41467), with no line terminators
Hash 9eeddc51b0b4a2580a959042d50f826e
e42006973f24baf82c96ee3ae594eedfa1719f82
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "a1fb-59cb3e43e5aab"
Accept-Ranges: bytes
Content-Length: 41467
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
137.63.144.2200 OK 1.7 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
IP 137.63.144.2:0
Hash 8983e25a91f5c9981fb973bdbe189d33
30cd5e3a1f0cd121cfd1893b3c078b89ecba3f9c
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Fri, 20 Mar 2020 07:25:05 GMT
ETag: "6d2-5a1442f35e87b"
Accept-Ranges: bytes
Content-Length: 1746
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2
137.63.144.2200 OK 8.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2
IP 137.63.144.2:0
Hash 6e22824fb51ac8dc8b33ec0bc75f3412
42eed8ac9886accf13d99d616356e3d0bc681fc4
5f893bb95c126000ea6836ce2b92c4fd43a17bc62ca32a6f3f77f8f67584503a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:06:04 GMT
ETag: "2150-5b5778d93cf39"
Accept-Ranges: bytes
Content-Length: 8528
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2
137.63.144.2200 OK 19 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2
IP 137.63.144.2:0
Hash 03566d33926ecd53e5a06232492fe13c
692019f870d23884d9868f8038326fc46403a5d9
df67f156612b6329078b52d0d790bba08e7885b7320bc8d9a0fa80f5670adc47
GET /wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 15:44:50 GMT
ETag: "4b89-5a06de2371e21"
Accept-Ranges: bytes
Content-Length: 19337
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8
137.63.144.2200 OK 46 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8
IP 137.63.144.2:0
File type ASCII text, with very long lines (317)
Hash c33e55a3e79984d24f3309545701cb1b
f86033f1ec21a3b20803a290318a9e7c4caa1de4
df583a3e1a03dd7122c020eea80b2747d9553e4161c22bfe112ff406f9e9b7dc
GET /wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 08:48:05 GMT
ETag: "b425-5a0cca5057d87"
Accept-Ranges: bytes
Content-Length: 46117
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dashicons.min.css?ver=5.3.2
137.63.144.2200 OK 48 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dashicons.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (47523)
Hash c8956481e00463f838b45364f45756df
256d7293ac07bb9b43a9757ba11057cad148818c
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
GET /wp-includes/css/dashicons.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "b9c6-59cb3e43e5e93"
Accept-Ranges: bytes
Content-Length: 47558
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
137.63.144.2200 OK 5.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (5871), with no line terminators
Hash 17a42baaae8926c5f8df316b9a3db617
4cd76dc34f8e2f31952b99db1b3b29f404d2996c
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 16:02:05 GMT
ETag: "16ef-5a06e1fe6c3eb"
Accept-Ranges: bytes
Content-Length: 5871
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
137.63.144.2200 OK 31 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:02:28 GMT
ETag: "7917-5b57780b3fbbc"
Accept-Ranges: bytes
Content-Length: 30999
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1662903997
137.63.144.2200 OK 17 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1662903997
IP 137.63.144.2:0
Hash 83275cd4aeaa3131bf07a012983efb76
a9e19cb375bd0a0bf118796bfbc4f0441c5d802a
de00e784dae37086c9269b2fdd7204bff5d41ef3040328ace9a38f616b593dde
GET /wp-content/themes/digiqole/assets/css/icon-font.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "416c-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 16748
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/animate.css?ver=1662903997
137.63.144.2200 OK 24 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/animate.css?ver=1662903997
IP 137.63.144.2:0
Hash ef07eb63e3d54fcef0fe398abf4fdace
acbaa5775aa754ec7d4feca4eab63e1f587ce715
c4c6695d2db9b640a6ece790b2961c3157cc740662e9337869c5a26e5487feca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/animate.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "5d28-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 23848
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1662903997
137.63.144.2200 OK 8.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1662903997
IP 137.63.144.2:0
Hash fdd21658e6611d0a656a3be8cb66054c
922d4fe7f98aa4d30e7212b73e1f2c94cface4b0
a726e517a12addb48c0030f9e595a0a6412050ce1673d43bba7709a45aa8a8aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "2167-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 8551
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1662903997
137.63.144.2200 OK 2.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (2846)
Hash de0dfbabe627afa1b718d848b6b58e97
73d8a692734089983b00005d99ef8e5e5b0dadeb
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "b78-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 2936
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1662903997
137.63.144.2200 OK 1.0 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (846)
Hash 594b81805a98b267e47c70a8fad30d9f
684d84ec40b305ca14efc88c91f12972cb6342b4
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
GET /wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "3f5-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 1013
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1662903997
137.63.144.2200 OK 145 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (65325)
Size 145 kB (144877 bytes)
Hash 450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "235ed-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 144877
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1662903997
137.63.144.2200 OK 6.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1662903997
IP 137.63.144.2:0
Hash 77a86369cb3f1547c0f4eb96f5ffa4cc
6cac11684a73a837b4c66de0d12723644fb4b84d
5f443d62bda0cf802312ae87b617a0b46447b35ac770e7d0df866e1196d462b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "1937-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 6455
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1662903997
137.63.144.2200 OK 54 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1662903997
IP 137.63.144.2:0
Hash 77d0c92e92f34d1257252fd4be039116
29875998aba85af131a8fecc10ded5ac1d69f609
5879a94b1b727b7ede08cffd69d13d79c663e7de221027d75b64832c9bf0d5c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "d14f-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 53583
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3
137.63.144.2200 OK 251 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 251 kB (251187 bytes)
Hash a2694a0bd894090949de0b952b47d4f9
ae22b3651974712e76ea65582b97a144d029dda1
f7088fa78690fe80377c0954b92635912868e876d1b6098d6b31f0d6ae2a95cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "3d533-5b57787118842"
Accept-Ranges: bytes
Content-Length: 251187
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
137.63.144.2200 OK 118 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (117772 bytes)
Hash 57d175c50adce0f293d975f4e2771f8f
fae18070c3edfb714081edcec6e33ac4e5e90503
851c7de0c776256e8ef9e62ebb510c4ac1ef9f7fc78dcc014c77bbea83786743
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "1cc0c-5b57784b63954"
Accept-Ranges: bytes
Content-Length: 117772
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/blog.css?ver=1662903997
137.63.144.2200 OK 20 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/blog.css?ver=1662903997
IP 137.63.144.2:0
Hash efdc8ce96b5ff7cc0ae2cb3b49970acf
dfeebb7b08548c3531a9d7867d4d971b6af8dc68
c3422004ce1285d7b6237041a8f9be028ccda40f4c681e2e360797dbeba94ba1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/blog.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4f67-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 20327
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1662903997
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (432)
Hash d940186729052f99506538117967bb64
1bb339abea3b2d8de3735c7c5a603a24b1e5c598
ecb47cf8d19149540a5b5593aad4a46199051ab5f307c5c23bde277dfe55d5b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "6d9c-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 28060
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (28035), with no line terminators
Hash 5bf41e8704f9c1e250182eb6f8ff8212
c716565c820ecb6593f387554ed285c973654870
34d36ff0aafe4dd8d250a7d1d67bac7e5c7f4f28aa3c8db91d0ec0e649eb9dac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "6d83-5b57784b73355"
Accept-Ranges: bytes
Content-Length: 28035
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2
137.63.144.2200 OK 43 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash d91f3cef00a21c1f34e9ec59d0e57283
76a0273ba69ca7a499a0578f0d63eba8e7aabb5d
abbff281326efaaf147ef1fd2ad7bdf23c69073fb7e826b9c41cac1ebd27332e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:01:36 GMT
ETag: "2b-5b5777d94faa0"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2
137.63.144.2200 OK 1.8 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2
IP 137.63.144.2:0
Hash 953aef0cf9ee8fb1f07d304f3cf4c0dd
60d2fec7b069a73b2f34a78662eb7165400c95a3
2931bc0b780acd6d3cd2fc6cea2492ee55703ccc3bc0b8f866d0c371e5f4bd2e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 15:44:50 GMT
ETag: "6f3-5a06de2372209"
Accept-Ranges: bytes
Content-Length: 1779
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
137.63.144.2200 OK 10 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "2748-59cb3e43e433b"
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
137.63.144.2200 OK 14 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP 137.63.144.2:0
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Fri, 20 Mar 2020 07:25:05 GMT
ETag: "3868-5a1442f35f04b"
Accept-Ranges: bytes
Content-Length: 14440
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2
137.63.144.2200 OK 6.4 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (6226)
Hash c0c5e34bbe8095cb5173dc77ae2e36a8
3091570090d44faf045deaa1a91d27d13803e0e5
a64f1976c04df67406f792945f8171c91a44498eeb6b06239b22b1c416370437
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "1918-5d54dff31d48e"
Accept-Ranges: bytes
Content-Length: 6424
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2
137.63.144.2200 OK 2.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash f9341a7fadb42d823e89288af1efce90
e57b4060013e9d5bc1f98670b99208ea48c8a289
db71ca026f0fe23da093b81b732f0fe9062bacaa90fde9dce5bef7f1e7e03c15
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "9b5-5d54dff31d48e"
Accept-Ranges: bytes
Content-Length: 2485
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0
137.63.144.2200 OK 3.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (3504)
Hash bd5ce81bfb5b4f3e2ac487ac65f4daf8
514dc1ea30ea9e4b84a55a689ba1f2c0fa7335c3
280df42702ec950d12b698c40b45c507fc362089f53eb8376d3152dc1d5898dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "dfa-5b577871197e2"
Accept-Ranges: bytes
Content-Length: 3578
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10
137.63.144.2200 OK 344 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10
IP 137.63.144.2:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 344 kB (343805 bytes)
Hash dac31169b5d033b049af2d107c81f0f6
68dde13066c786c6085c5377320d9988c6dd6947
256777f442a1ac7caba081909e82012367031079583494f2c82fae1f972991b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "53efd-5b57784b73355"
Accept-Ranges: bytes
Content-Length: 343805
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
137.63.144.2200 OK 97 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 137.63.144.2:0
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "17a69-59cb3e43e433b"
Accept-Ranges: bytes
Content-Length: 96873
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10
137.63.144.2200 OK 38 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with no line terminators
Hash ee9d2c70ab0a5f44eb2df422198a07b9
abc45613f773509b869e78a42a817d9e09da8bce
25bf40064888964eb06e0980211b378b28d210737786e3d10546da7013398899
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "26-5b57784b60a74"
Accept-Ranges: bytes
Content-Length: 38
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/popper.min.js?ver=1662903997
137.63.144.2200 OK 19 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/popper.min.js?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (19063)
Hash aad2475f1e2615224fa9716b53954be2
4f08d328c845410583e0a05c8d5a5bc61c23db47
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/popper.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4b24-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 19236
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1662903997
137.63.144.2200 OK 20 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (20087)
Hash ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4ef8-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 20216
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1662903997
137.63.144.2200 OK 964 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (964), with no line terminators
Hash 51abc4b947baae5e46545f0f0ada7eb4
348f8638545bf38e9f319652939bb0c9280d4501
94a8d6d2593de2028174575095e9fdf58a65aecbb4257c021bf11bb882e0254e
GET /wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "3c4-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 964
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=1662903997
137.63.144.2200 OK 49 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (48664)
Hash 14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/bootstrap.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "bf30-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 48944
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1662903997
137.63.144.2200 OK 93 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1662903997
IP 137.63.144.2:0
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash 334f1f87a34c59a498b7d7b74d00a07d
2f04614e11ab6310cd5fbda2df7db42d9e564bbb
0609b067a8f4e38b77182421989b698879141956338daa5c1968c11f87559deb
GET /wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "16bf0-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 93168
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/master.css?ver=1662903997
137.63.144.2200 OK 169 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/master.css?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (504)
Size 169 kB (169405 bytes)
Hash 00837687097a8deddd4dc8552e4e1f3c
6407a74d5d60d97ae75633b4862bb3c53ab64722
551f80eefa1d10922a57c6997ab2f97904c1b7478be225da944c44b54602d64e
GET /wp-content/themes/digiqole/assets/css/master.css?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "295bd-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 169405
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1662903997
137.63.144.2200 OK 43 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (32000)
Hash b7b9c97cd68ec336d01a79d5be48c58d
1a99890b57c9859a622337ed0b2f989d6e30cc0e
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "a70e-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 42766
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.10
137.63.144.2200 OK 142 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (141673 bytes)
Hash 9fff04bb5f2fe04a632138726c6250ba
f878080146c719281536c2724e674115165a4752
249fbe7be293e12a910e2728f9357d55695e000bfdade802859eece191dcf5a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "22969-5b57784b7567d"
Accept-Ranges: bytes
Content-Length: 141673
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1662903997
137.63.144.2200 OK 45 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (32011)
Hash 7d039583fef369577e9161d12c8c6ba2
15430bc876026d813c21e03a7a72ab4d6dcfe31a
c81b01b32b51fc61a3818d12e051effc099374c7436ff0146ed76fe1d0bbfa09
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "ae4d-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 44621
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 324756
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Hash c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:36:55 GMT
expires: Wed, 06 Sep 2023 22:36:55 GMT
cache-control: public, max-age=31536000
age: 400189
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 324756
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 13:46:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2
137.63.144.2200 OK 37 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (37054), with no line terminators
Hash 0cfbff3b001f601bec2937518e73a321
24d39cb83535eca8899993996c2e65dd0316135e
af51d2ee1c2757427220da779db814760be6fb92590b01436c2b46c706116469
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "90be-5b57784b7567d"
Accept-Ranges: bytes
Content-Length: 37054
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/wp-embed.min.js?ver=5.3.2
137.63.144.2200 OK 1.4 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/wp-embed.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1399), with no line terminators
Hash 04133d37cfd0f08267530b905a5ffff3
6eb207e57c92ee341f57998cb191e5c9dc4fc738
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
GET /wp-includes/js/wp-embed.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "577-59cb3e43e3b6b"
Accept-Ranges: bytes
Content-Length: 1399
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5
137.63.144.2200 OK 6.8 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5
IP 137.63.144.2:0
File type ASCII text, with very long lines (6727)
Hash 0f00149954d5420af7b22c1fa979a663
68f65a314a8f3e40945bd2fde054e74ab3f3d649
e42d4d1224ddfc10b3953543711bdbfa58ca8beb3732a5456c1bfc1e4687dc16
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 13:47:50 GMT
ETag: "1a6e-5a0d0d4f601c3"
Accept-Ranges: bytes
Content-Length: 6766
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/script.js?ver=1662903997
137.63.144.2200 OK 13 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/script.js?ver=1662903997
IP 137.63.144.2:0
Hash c846202915c15c3542cd337a3428cbae
6c449485eda989e1c572b778ffd2c55357b604be
4f0e911454dbb139072c660bb5cd6dcfaf745c6f1c8607a8144d7a6fee1c1218
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/script.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "317f-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 12671
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1662903997
137.63.144.2200 OK 4.0 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1662903997
IP 137.63.144.2:0
File type ASCII text, with very long lines (3765)
Hash eac43429f465cc28ab77b033b7e0686e
add547d05e8c9ce8d3ddab731a133421416bb30b
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444
GET /wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1662903997 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "f96-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 3990
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ec2646c56c4c522f0744768ad20342b
ad1d9eee90556a359547dc7cbb6758aee2c804cd
0bf9eaa4420bf6290535fd23895c6c723c7de6b849995ba83774532862cfe8b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e7fcb-66df-4e59-8130-9579a79eca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7635
x-amzn-requestid: dbd07cc7-d0f6-4500-83c6-b19fa9fa2e3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt5xDEfUIAMFYXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f09a0-3771b23118f3711e5caca699;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:11:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ILut4hEDJbs6jNr3wpPST1HgAYMabIT7cdZebRFETn8lL_QfS92KBA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:40:34 GMT
age: 57970
etag: "ad1d9eee90556a359547dc7cbb6758aee2c804cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2
IP 137.63.144.2:0
Hash 54b2ba4e65cd4cfa7569a75fdd68f71d
a40d4940a2296a0f95f97705a0b9b5e3cfe5136d
ecb16ea1a740d524b507e3fc75e14556877ec2d3886b2f8e0b2ec9704b3fc36b
GET /wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:06:04 GMT
ETag: "6e15-5b5778d93e6a9"
Accept-Ranges: bytes
Content-Length: 28181
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
137.63.144.2200 OK 14 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (10942)
Hash b2bdc6d8dfd107ed138f042d71ad4be2
c0efe12b5d5aecfed04bf625e41dbf7a64008d3c
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "362a-59cb3e43e2bcb"
Accept-Ranges: bytes
Content-Length: 13866
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/fonts/iconfont.ttf?cpfcy1
137.63.144.2200 OK 0 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/fonts/iconfont.ttf?cpfcy1
IP 137.63.144.2:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/fonts/iconfont.ttf?cpfcy1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1662903997
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "27470-59cb3e43bf949"
Accept-Ranges: bytes
Content-Length: 160880
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/font-sfnt
rif.mak.ac.ug/wp-content/uploads/2022/03/logo-rif-makerere-1.png
137.63.144.2200 OK 0 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/uploads/2022/03/logo-rif-makerere-1.png
IP 137.63.144.2:0
GET /wp-content/uploads/2022/03/logo-rif-makerere-1.png HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2022 11:21:31 GMT
ETag: "ae93-5db59a182fc1d"
Accept-Ranges: bytes
Content-Length: 44691
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1662903997
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1662903997
IP 142.250.74.10:0
GET /css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1662903997 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 13:46:41 GMT
date: Sun, 11 Sep 2022 13:46:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3
137.63.144.2200 OK 0 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3
IP 137.63.144.2:0
GET /wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:43 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "887e0-5b57787119bca"
Accept-Ranges: bytes
Content-Length: 559072
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
137.63.144.2200 OK 0 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 137.63.144.2:0
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:02:28 GMT
ETag: "12d68-5b57780b40774"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
fonts.googleapis.com/css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900
IP 142.250.74.10:0
GET /css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 13:46:41 GMT
date: Sun, 11 Sep 2022 13:46:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,500
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500
IP 142.250.74.10:0
GET /css?family=Roboto:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Sep 2022 13:46:41 GMT
date: Sun, 11 Sep 2022 13:46:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/fonts/elementskit.woff?y24e1e
137.63.144.2200 OK 0 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/fonts/elementskit.woff?y24e1e
IP 137.63.144.2:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/modules/controls/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
Cookie: PHPSESSID=rb2mvc8fcn758g2aqhij17bmd2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 13:46:44 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "6c1f0-5b57784b63d3c"
Accept-Ranges: bytes
Content-Length: 442864
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/font-woff