r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11890
Expires: Mon, 05 Sep 2022 18:21:11 GMT
Date: Mon, 05 Sep 2022 15:03:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 14:39:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oRJflP5UwnMr6-lymjFXsvV-ubtRxSNFm9LT8TRTcnSNChl6Zosw7g==
Age: 1403
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: h85X59pzrAZA6BJiAZwfAL1ilOUOCPeFrxsNrT0kazNrG0lIGYCqVA==
age: 49664
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 15:03:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wholenesstofreedom.org/autem-quos/documents.zip
50.87.147.174 301 Moved Permanently 263 B URL HTTP/1.1 wholenesstofreedom.org/autem-quos/documents.zip
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7049920d126c002fb3362db4438bb2a4
bf660d9294250cd47dd83490a6f4ece5ac0305a0
9e8846e0b4bac0b01da8b3d3402c2d1a0fa1f7e1049071a2a36043de160c878e
Analyzer Verdict Alert fortinet Malware
GET /autem-quos/documents.zip HTTP/1.1
Host: wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 15:03:01 GMT
Server: Apache
Location: https://wholenesstofreedom.org/autem-quos/documents.zip
Cache-Control: max-age=0
Expires: Mon, 05 Sep 2022 15:03:01 GMT
Content-Length: 263
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 14:38:16 GMT
Expires: Mon, 05 Sep 2022 15:21:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pv4EEo207pXzMZylJTXfae_4gTUPh6OQd_QQCTo0mLKuYtfKGpyTag==
Age: 1485
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6420
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 15:03:01 GMT
Last-Modified: Mon, 05 Sep 2022 13:16:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d0c4f3f10071fef05ee04cb90a4362af
c24f3c72a4c62f4b2413ecf6819b67e3382a272f
63683db28fd87f2d355768496879f1c8205fd10b5782308dd4d47c2ec24a6ae9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63683DB28FD87F2D355768496879F1C8205FD10B5782308DD4D47C2EC24A6AE9"
Last-Modified: Sun, 04 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18570
Expires: Mon, 05 Sep 2022 20:12:31 GMT
Date: Mon, 05 Sep 2022 15:03:01 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.255.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
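Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input; the response body is 0 B, so they identify no file and are not usable as indicators.)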
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NVterLy7d0g6jQUJbJhxTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kdk3YzRFa4YQSBTlz4A4/ZJoLaU=
wholenesstofreedom.org/autem-quos/documents.zip
50.87.147.174 301 Moved Permanently 0 B URL HTTP/2 wholenesstofreedom.org/autem-quos/documents.zip
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
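Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of zero-length input; this 301 response carries a 0 B body, so the hashes identify no file and the analyzer verdict cannot refer to downloaded content here.)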
Analyzer Verdict Alert fortinet Malware
GET /autem-quos/documents.zip HTTP/1.1
Host: wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
expires: Mon, 05 Sep 2022 16:03:03 GMT
cache-control: max-age=3600
x-redirect-by: redirection
vary: Accept-Encoding
location: https://www.wholenesstofreedom.org/
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 05 Sep 2022 15:03:01 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11437
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 15:03:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11437
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 15:03:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11437
Expires: Mon, 05 Sep 2022 18:13:40 GMT
Date: Mon, 05 Sep 2022 15:03:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f567821-8e06-4951-99ce-e4f161bb68b8.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f567821-8e06-4951-99ce-e4f161bb68b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af2dba4695867af2da0b689832f99393
b33bef0200ea8f8a64df0fdd28e648f36ed177d1
eecc3b2002b85f2f742f97b6fa4a2686c5e22fac3e73f4469357e0cfb554649e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f567821-8e06-4951-99ce-e4f161bb68b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11529
x-amzn-requestid: 5a708c64-a562-4082-bdb0-54a7e7ca4c96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqfLDEa3IAMFg7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630dabe0-50c8bda630d48d5866416a55;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 06:19:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wLCyRpkbM9GuCD0b68O8ttgaDNma8Dc18GetEWkNqo6bQJkuE44gKw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:46:14 GMT
age: 40609
etag: "b33bef0200ea8f8a64df0fdd28e648f36ed177d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 62012
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJTKTh88iyFXAiPJ-tCCEbqBo3A1cuTj2gCbfHkaVZ1WcgMOTyFfVg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 23:06:26 GMT
age: 57397
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7877df05329f39350f4907a067f5840e
21f33eca6863c382c216c16799d1bea83e40fbd9
94b943383bbd05d11ac0f9c3672e315c9cfaa5cb2299c3779195f08491969fa8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b438b1-ec2f-4d02-9da4-cca3c8bdf61b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4260
x-amzn-requestid: 024510ab-0cb7-421e-805b-fa54501d1e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpjFQGPVIAMFytQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d4bbb-4492cd20474c37337f8a5521;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 23:28:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Wk8myA4exuK32he7TlFoJtvtqHb0WcDhvSuo6-aN0dMcxIr7cDkU5Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:48:24 GMT
age: 62079
etag: "21f33eca6863c382c216c16799d1bea83e40fbd9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 61692
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YqgTII0TYwznz5DfHLFpfzTPh08akwJSWc3wIf-YpBgUrs84AYM2Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:15:00 GMT
age: 60483
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/
50.87.147.174 200 OK 23 kB URL HTTP/2 www.wholenesstofreedom.org/
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10849), with CRLF, LF line terminators
Hash 418827191cb5e05786f3da0259064c14
6845c97a0344e59a2d1896fffffcc7259bce0043
0bfa1b2963729e28ab9eca74cec5cc00a4c447c40541361fc2ef07bb58d9afe8
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 05 Sep 2022 08:19:10 GMT
accept-ranges: bytes
content-length: 23386
cache-control: max-age=0
expires: Mon, 05 Sep 2022 15:03:03 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 15:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 15:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0a1326be01f8e1365a0794faa650c170
2d65c16eafe329f018c996c1b9e7d4c8c2164026
37d51469a4e2ac52a7cde6d5b4e01bba0095500bccd28a9ebdf80b3a3db51f78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5758
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 15:03:03 GMT
Last-Modified: Mon, 05 Sep 2022 13:27:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT
142.250.74.72 200 OK 64 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT
IP 142.250.74.72:0
File type ASCII text, with very long lines (2994)
Hash 08520d4636d58f82e6b41a52180765c7
12504ce9c6005802122be9f7ce2d320f28b09dd1
ca451b210dbb73ff4784f180aa40408862da8e44a7da01165f73fe8f7ac37a71
GET /gtag/js?id=G-GJFR4WCEMT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 15:03:03 GMT
expires: Mon, 05 Sep 2022 15:03:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB
142.250.74.72 200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB
IP 142.250.74.72:0
File type ASCII text, with very long lines (15517)
Hash 1bdbb3c854f8c9219f8001b5882a85e7
bcb9210545d2df01accaa936dad676aa4fd2563b
6b7e68ef53cf7f5ef6a351c14fa5522b172ed1b8bd713f0050a0ae2cac895f26
GET /gtag/js?id=G-F8TV2PV5PB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 15:03:03 GMT
expires: Mon, 05 Sep 2022 15:03:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 15:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0
50.87.147.174 200 OK 7.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (305)
Hash 87d557baac562a1971d9f1a282349509
03a0767cc08fe5b430fe8a45e8c5bc3b736069a0
e9fd497e3e74ea41a6628712a0bb7e36a096b38c5d527fa18c3a7ec5f985d317
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-length: 7220
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7
50.87.147.174 200 OK 511 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1756), with no line terminators
Hash 78f6ff6f6a4db1988a09ceb799cd8f80
cff8f6716ad98c4efa4899e0212de580a8135dbf
8445aa5aa392e898af8c9633bd4b2e25cb8042e22ce6416cb2a0aaafcc3b7387
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-length: 511
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0
50.87.147.174 200 OK 1.5 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f8ad5321f418cc336b2d974166330511
327e2548b3442deb616790f2bb913dd8113f0278
6bce5ef6133f16dc096ded4443f6a03d5ef1beadfbad7ae2ffe1e1ada036b742
GET /wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-length: 1530
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1
50.87.147.174 200 OK 12 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash c220a68e588d62a720ffacfa52ad31d3
430b0eb0bdf72cebd13d43d18b8a276847b7a786
c12f9fb0d32fe152c3306f864f398f965b24ac6ffe01697b2b05fac214d2991a
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-length: 12242
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.6.60
50.87.147.174 200 OK 3.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.6.60
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11637), with no line terminators
Hash a678b3142d1cd03048a99f08cc028951
384bef2a3fdb57c9dc47994034a23d23546a7dc4
243eca2da170fe53242f5083c9e9ffbadada6a499cebc5487ff7e19f04fe1b43
GET /wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.6.60 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 22 Apr 2022 02:58:15 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-length: 2980
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
50.87.147.174 200 OK 17 kB URL HTTP/2 www.wholenesstofreedom.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 12 Jul 2022 23:55:38 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-length: 16594
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe8v0&_p=942773802&gdid=dZGIzZG&cid=1384836986.1662390179&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662390179&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe8v0&_p=942773802&gdid=dZGIzZG&cid=1384836986.1662390179&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662390179&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe8v0&_p=942773802&gdid=dZGIzZG&cid=1384836986.1662390179&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662390179&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.wholenesstofreedom.org
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.wholenesstofreedom.org
date: Mon, 05 Sep 2022 15:03:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.stripe.com/v3/?ver=1.4.2
143.204.55.101 200 OK 81 kB URL HTTP/2 js.stripe.com/v3/?ver=1.4.2
IP 143.204.55.101:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ab2016a67ed33778d98861a0757162ca
6eefcfe939c1798c9b9f3db6c26335b34f4fb200
f9cd06e0463cf9b289d806cbd011c093e1b76636eb9c45f4921ebdb9ec3e1920
GET /v3/?ver=1.4.2 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 19:27:27 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Mon, 05 Sep 2022 15:03:03 GMT
cache-control: max-age=60
etag: W/"c60bded5fc23fe5642fa6fa5eed6fe25"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6gZkLc8-rKQctVbnQCEES1U7HyhCsHsr1yhUgwjSfAVCCUbi7PnnZQ==
age: 21
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give-child/style.css?ver=1.0
50.87.147.174 200 OK 231 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give-child/style.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5401dbb684cd2fb2d151a2a1600022f5
88c7e31fc7c00c09b9f9910f9aecbb01ecdbd1e0
5b5c1a94ba1f1f685bef929b39816faf78d79ae2f75e128d8a40c8ce78538dd6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give-child/style.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 231
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0
50.87.147.174 200 OK 2.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1783)
Hash 101b2d63e3168bf82c4c7335e3f680d6
cc200d4ed1fe4247a6c21c46c003a506f67da7cc
c806202418ef3ae027763a5dc31bea440d0380fb8ae4cbe4af953d39b0b12b05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 2232
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0
50.87.147.174 200 OK 1.1 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f2ebec633cfeadbd51311c020fb9949c
46cbb4c770df96919a2dae63251f0163b69eeaf2
e5751ef4c059b3159298617b95bd2f05a1385e0feb35a2edf3574f5dfec23529
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 1117
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4
50.87.147.174 200 OK 903 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1651)
Hash a507661d6ee6db4dfdd25b6f6c4325fa
0159a63c6ad21962e13da4d125aa671ea266498a
6976d231e981a2705debffe94df2576a6211e4eef305e33c1852f2b1267a1820
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 22 Apr 2022 02:58:15 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 903
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.6.60
50.87.147.174 200 OK 808 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.6.60
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1767)
Hash 98f772702cf50738db3c5acdfce6d469
952c683a54590573eee32f8bb1b8b9bf2ebe57f1
ffe9fa59491890f01bcc7df351e9443fac503e0aa7ef511065c5366fab0327ec
GET /wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.6.60 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 22 Apr 2022 02:58:15 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 808
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0
50.87.147.174 200 OK 1.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 25b9ec27ff5db19efb7682330af1a06f
cf751465f430660c195912e6c689e7aad157b928
0e121f11f00a40e3289647897f1f1fce7e410e7a5f68a2976c219cd6cf8b11ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 1177
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0
50.87.147.174 200 OK 895 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8cd8b81d8e9d1a80a608489b5bab6148
17db7eded8d75f71285c50c67cb2855ad9fb4ebc
74dd44b1c6bcae4f130320295415770afbbd4e3dacf290a9b0730f1c5bf20ef4
GET /wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 895
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7
50.87.147.174 200 OK 577 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1679)
Hash 9f59ed6d66849581d12406a767dfe600
c4af7451d9ad02982e6e9cd45f8265d1d9dcfdb6
47e6bfbe2bfd68f65ef568ae8bbf2c8555ed6f035a1b65156310006688b243f2
GET /wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 577
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0
50.87.147.174 200 OK 2.4 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash feb307ddb142f715794fe79017ddc432
3b3f234b5784f5374021bb3861add18400bd5b72
b7fefe6a4416c0bd4449e93f7c194d7e61e72f2873cd298ebff37ffc19f111e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 2384
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2
50.87.147.174 200 OK 3.9 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.8.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sat, 27 Aug 2022 00:01:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 3861
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0
50.87.147.174 200 OK 3.8 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (460)
Hash 4947de46614af682d0c033db2a5a99f3
a8caacbaccf3e8057c4ba5c6817b5312df192aa8
d5a1d94d423d0fac2493c55e7fddee7221c0cdb543220352eba296e52285049c
GET /wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 3809
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.6.60
50.87.147.174 200 OK 1.3 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.6.60
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3019)
Hash f0875ec95951fca622c31c22219a5b04
3d2d64cbc7e9a5eadebd36659ad470d04bd6ae09
1dbab3aeca7018530cc6a8a6ccd1c401598f395828ddf85037190e181636a880
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.6.60 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 22 Apr 2022 02:58:15 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 1346
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0
50.87.147.174 200 OK 1.9 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 40f78c8db330c0707d762ffdc3e816ff
9ba2b477193b526c6bca70c16b5a6a749abe2549
645ef77a105ce52691d8080e9692102ef05f3b967f93a831c00893dbb4b205e5
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 1924
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.6
50.87.147.174 200 OK 5.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.6
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (53826)
Hash 9efd7d6365e9c678efa020552abf7f30
4f4b40cd3dce51f811f798bb541b714390c09c01
98950fa8da02826015730a69db52eae9f64cdfcad4db72ec0713ce6a1ec3f394
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=5.6 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 4996
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.6
50.87.147.174 200 OK 7.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.6
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30449)
Hash 61fc673259be88dcedc1a85c0614511c
7967199fc67d6434075da8a02add9c3e69d5d5a0
d62aff2326cc8b721afc3c9f511026d3d20a4bff9696fed7ad9d4cfd818ed443
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.6 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 7022
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0
50.87.147.174 200 OK 7.5 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text
Hash c2566da65169bd967f821f5d93b8a406
935c2ab3c43a3238e9f519d679aa2e809c81d99a
425e47f47e354398dd5f59ceebb72461688926a590cc68af7bde16ce7a63f904
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 7542
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.6
50.87.147.174 200 OK 3.1 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.6
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7808)
Hash d24f70901f104dd76b430252bb3bf2e1
784b0ea20fea97b9bb7ee56f0b3436895c2e5c15
915b4f416c548cf1e57c127aae747569cc4b2918453e509889bc24d7ce3fe692
GET /wp-content/plugins/js_composer/assets/lib/waypoints/waypoints.min.js?ver=5.6 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 3126
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.6.60
50.87.147.174 200 OK 3.5 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.6.60
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10613)
Hash 1c266176e84b0b9296e9b2b71e1e9c7b
abaa49605e9708961b7f365de890a255580f81a7
b8154273fe29e17e3a4360f2243568b068e05a4db0fd7a5d74667757a1f83ace
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.6.60 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 22 Apr 2022 02:58:15 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 3530
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
50.87.147.174 200 OK 9.3 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash efcd20e20b6f0870628a30513b22cf14
3974a9212ca714e1147b97abd4d03167f0012f7e
0586ae89290e8b96402ca804152e58884f9a8c7ef79f4a8f5409dfb17ffeb2f5
GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:17 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 9262
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0
50.87.147.174 200 OK 4.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 51af100a0b61740b796a3cc873ff93ba
12c4a5168e6559dbbe04a6e0189badfd9945399c
6711b890da64b05da0d077dda9b213f75c74ce5c270507c6987ceaa839f59385
GET /wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 4246
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0
50.87.147.174 200 OK 14 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32049)
Hash 5ba997f51189a0203209b7122ad09565
282e88d72a4357c15583de30eb3ab3a5bb162333
ba4c228290b11b1557d7df611adf91a6a49011ebc1ea22d4bfd8a38bf86cfa6a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 13577
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.6
50.87.147.174 200 OK 6.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.6
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12478)
Hash 95d0502ae31ad8865532868ba36162ef
599c867c06df6fa9784f4492bda6c7b083d5b3ab
c2b709d886ab94a636114b677dc719ed253ba65384a51f6afd23908340378a23
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.6 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 6244
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0
50.87.147.174 200 OK 6.9 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14502)
Hash c6d9394fda425876c2328599c4411498
e72dd420c3f060f5b359a59e5dee3d2fa37e3fbf
e711f49f904d37cf2166237f7b535018ce2ee79a61acf371f59c70bf844eb8e4
GET /wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 6873
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.6
50.87.147.174 200 OK 7.1 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.6
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19706), with no line terminators
Hash 3224472ff3e8104a9d96d134cb014f26
b59e297dfb8190c7e03018f0715e80e4576334e5
738872ca6c0fa0cbc3cdd1f93f975d398b6aec3a9b07e8573c09a823c9d0f875
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.6 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 7131
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0
50.87.147.174 200 OK 7.9 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (377)
Hash 9fad3cec65baddfcbdb8073444092107
b39fd4bc732101c4de320e10d58c8a12903d7b8c
a6a8a0c43dfda70f1f1cfa01412dbb60d5c3a5854cfd39e6c694d57fab5c3bf2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/js/init.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 7946
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0
50.87.147.174 200 OK 9.6 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21014)
Hash 006ebdd6b49adaffd1cb172bb699ba1b
34b1c1356f74b47f38ba4de7596693142c1794c5
82dcb093f13742e059bc47bebfdba4f9cbb517525731b9d7b782ea16947677f8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 9589
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0
50.87.147.174 200 OK 11 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a2aad3189aa3aaadb193d61c2b3a1f5e
fff7618c10068982d0dfe332e4fce693119cb492
53ff99d05aaf7df988c73687c8406a8c31ba491657d0ebba925e547630c0492b
GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 11181
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0
50.87.147.174 200 OK 12 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 97c7e9944fabdd9356d5a8f97cf9fee6
043c0486ddd9e50d93e0411ba9624039bec3fbb6
5dfcea994f4e4bbbfa93154e79f1111598d13050e373f26ede698609859beb79
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 12213
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0
50.87.147.174 200 OK 14 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32003)
Hash 90b602e96dc8686ce38d4716c58e7284
701fb82d49244c5ebc04414adee026021f3a251e
d390d1917f2110b49e28e8f78523b3d72c333ef332f4759501e37d1113e92625
GET /wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-length: 14315
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/footer-logo-e1591827897264.png
50.87.147.174 200 OK 5.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/footer-logo-e1591827897264.png
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 427 x 60, 8-bit colormap, non-interlaced\012- data
Hash cfc16b418c97957ec0fb6d58622b598b
b35499474c81749a0033ed656d486742c1e80237
75ef11a072b3649e7f4902b02b8bf8bbd5239149594be86fbdd830fa656a6cda
GET /wp-content/uploads/2020/06/footer-logo-e1591827897264.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:34:22 GMT
accept-ranges: bytes
content-length: 4984
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/png
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png
50.87.147.174 200 OK 8.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 317 x 73, 8-bit colormap, non-interlaced\012- data
Hash 9d2c9cf2594b42f0dd681d41de6f05fa
f808330a44b3c6155a56618a3a6feee73169094a
0a332dd335478654ace336353b7faeb7c2ab95d4b7caa164a757b3c4aa209eec
GET /wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:41:34 GMT
accept-ranges: bytes
content-length: 8194
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/png
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-2.jpg
50.87.147.174 200 OK 9.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-2.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash 122772576929877a1e303482d4f77f49
3b13f1af32580e9e79c053a141be80aafa1f3812
1be76afe4f9ee8ec44b00101836c95154736d58f1a760169bd9eba27baf366a5
GET /wp-content/uploads/2020/06/content-box-2.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 9237
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-5.jpg
50.87.147.174 200 OK 11 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-5.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash d95dfc4d5c13c7adf503ecbf19674a3f
caae1108fc0a26c6a9e0cf917345f8a7f0e724ff
03f6bbf1642223f38e76d2c553b65a59491e0b81fc6e17da037f40d780c82297
GET /wp-content/uploads/2020/06/content-box-5.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 10926
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-1.jpg
50.87.147.174 200 OK 14 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-1.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash 754c8f903c5cefaeeb61f66f75293937
3526c2db941da0d4010cc99ba65ced076e25cd34
35a14ceb04bb46b28d042765d9906ed32115b71bb9e88e5cbd70467144aef9cd
GET /wp-content/uploads/2020/06/content-box-1.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 13855
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-4.jpg
50.87.147.174 200 OK 20 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-4.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 360x270, components 3\012- data
Hash 9276523abea9242110d453415e089d70
4b2213ce0a4e38013227eb09e7ae44eee3e2ade6
2d410ceb2f84455efaf751a4e0b486781130ad45f4be77d31af64fbdd6830ede
GET /wp-content/uploads/2020/06/content-box-4.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:40:16 GMT
accept-ranges: bytes
content-length: 19796
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/images/loader.gif
50.87.147.174 200 OK 604 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/images/loader.gif
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 16 x 16\012- data
Hash 54dafab72c7ad4425d572a3eb4b8a050
4f39e547ca948ed0e515d46f76e3304d42c17846
88295ba8ceae926052e37403b4613b76ce6e5626393937f55ddc63ed015ca46d
GET /wp-content/themes/born-to-give/assets/images/loader.gif HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=6.0.2
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
content-length: 604
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:08 GMT
content-type: image/gif
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0
50.87.147.174 200 OK 2.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text
Hash 82303cc8f20f18963755d4393d0d664c
1981ae3a7c47cb4832dfac867f5697dcc4fedf67
a7a91692f223398e340268102da47345d5b0bf15841151510121c10bd229c4ac
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:08 GMT
content-encoding: gzip
content-length: 1960
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/clock-icon.png?id=2581
50.87.147.174 200 OK 2.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/clock-icon.png?id=2581
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 700 x 225, 4-bit colormap, non-interlaced\012- data
Hash 169a7b7f35665c1000c654b9fa7e5f65
30d4290372f472ffcc6a3e326322e44a9c0cf384
e125fed0bf281a5a81a6bc4876ca75c8ca928650173bf173201a885e582d54e8
GET /wp-content/uploads/2020/06/clock-icon.png?id=2581 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:38:30 GMT
accept-ranges: bytes
content-length: 1993
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:08 GMT
content-type: image/png
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/hand-icon-2.png?id=2580
50.87.147.174 200 OK 2.7 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/hand-icon-2.png?id=2580
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 700 x 225, 8-bit colormap, non-interlaced\012- data
Hash ab7185a5cca91f87641c4051317281e7
d2bd18ec9edcee1d9a5e50776204b4f2ac2e843c
decb4a85e68583477b05bc5675ba1f0f373c27e8167c9eb97e555bfd15e61228
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/06/hand-icon-2.png?id=2580 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:38:50 GMT
accept-ranges: bytes
content-length: 2651
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:08 GMT
content-type: image/png
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/project-3.png?id=2578
50.87.147.174 200 OK 2.8 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/project-3.png?id=2578
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 500 x 225, 8-bit colormap, non-interlaced\012- data
Hash a02d14f0acbfe55a2a59114f886958fe
6b6b60afaa3b6e5a5fa49bb767781e6f710c6a88
1ce162cd69a42078083d88d77b35139496df3436c875325a4bd64ac5bb90cfab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/06/project-3.png?id=2578 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:39:10 GMT
accept-ranges: bytes
content-length: 2751
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:08 GMT
content-type: image/png
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.6
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 21:51:16 GMT
accept-ranges: bytes
content-length: 77160
cache-control: max-age=10368000
expires: Tue, 03 Jan 2023 15:03:08 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 04:17:03 GMT
accept-ranges: bytes
content-length: 149315
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 11 Mar 2022 02:57:04 GMT
accept-ranges: bytes
content-length: 36679
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:17 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:39:26 GMT
accept-ranges: bytes
content-length: 284573
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:08 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-3.jpg
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-3.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2020/06/content-box-3.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 31804
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=6.0.2
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=6.0.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/style.css?ver=6.0.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 1092367
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:08 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:08 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/tagline-2-e1591803536501.png
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/tagline-2-e1591803536501.png
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2020/06/tagline-2-e1591803536501.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_GJFR4WCEMT=GS1.1.1662390179.1.0.1662390179.0.0.0; _ga=GA1.1.1384836986.1662390179; _ga_F8TV2PV5PB=GS1.1.1662390179.1.0.1662390179.0.0.0; charitable_session=a333e10a232837c520354d264167bce3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:41:04 GMT
accept-ranges: bytes
content-length: 63257
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:09 GMT
content-type: image/png
date: Mon, 05 Sep 2022 15:03:09 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-includes/css/dashicons.min.css?ver=6.0.2
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 11:58:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-6.jpg
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-6.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2020/06/content-box-6.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 40577
cache-control: max-age=10368000, public
expires: Tue, 03 Jan 2023 15:03:04 GMT
content-type: image/jpeg
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:04 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 05 Sep 2022 15:03:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.6
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.6
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.6 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Tue, 05 Sep 2023 15:03:03 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Mon, 05 Sep 2022 15:03:03 GMT
server: Apache
X-Firefox-Spdy: h2