wholenesstofreedom.org/autem-quos/documents.zip
50.87.147.174 301 Moved Permanently 263 B URL HTTP/1.1 wholenesstofreedom.org/autem-quos/documents.zip
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7049920d126c002fb3362db4438bb2a4
bf660d9294250cd47dd83490a6f4ece5ac0305a0
9e8846e0b4bac0b01da8b3d3402c2d1a0fa1f7e1049071a2a36043de160c878e
Analyzer Verdict Alert fortinet Malware
GET /autem-quos/documents.zip HTTP/1.1
Host: wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 05:35:12 GMT
Server: Apache
Location: https://wholenesstofreedom.org/autem-quos/documents.zip
Cache-Control: max-age=0
Expires: Wed, 18 Jan 2023 05:35:12 GMT
Content-Length: 263
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12510
Expires: Wed, 18 Jan 2023 09:03:43 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11550
Expires: Wed, 18 Jan 2023 08:47:43 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 04:49:19 GMT
content-type: application/json
age: 2754
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Wed, 18 Jan 2023 08:37:36 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OQeJytErRs71xVLBSY+GBoDK1Ze21OlAZMhImD9A+UWIkbKmWWhEEpTht4pxZWGlg8O5qb8Jk3s=
x-amz-request-id: MH6SM3W2TFSXTCFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 04:56:33 GMT
age: 2320
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 05:35:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 04:48:57 GMT
age: 2776
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cd14c51d57b8c23e0867d4e8f74f41e1
a23abed88193d68131b3912b542d5d839adbe9b0
109c416d630f820e682de6d099ae38a520aa296ad1f0fe8bbebf3927c83b4f66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "109C416D630F820E682DE6D099AE38A520AA296AD1F0FE8BBEBF3927C83B4F66"
Last-Modified: Tue, 17 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Wed, 18 Jan 2023 11:34:36 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:13 GMT
Last-Modified: Wed, 18 Jan 2023 05:24:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
wholenesstofreedom.org/autem-quos/documents.zip
50.87.147.174 301 Moved Permanently 0 B URL HTTP/2 wholenesstofreedom.org/autem-quos/documents.zip
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /autem-quos/documents.zip HTTP/1.1
Host: wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
expires: Wed, 18 Jan 2023 06:35:14 GMT
cache-control: max-age=3600
x-redirect-by: redirection
vary: Accept-Encoding
location: https://www.wholenesstofreedom.org/
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:35:13 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.4.251 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.4.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +SiGeMqgjmW60ipB896XoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a6PDymv7k5LetmwuKbuTqaRnwxw=
www.wholenesstofreedom.org/
50.87.147.174 200 OK 33 kB URL HTTP/2 www.wholenesstofreedom.org/
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 057edd9fd7b0a5a903bfecd1469a31b7
8a86116b42a49f2281d841593bf4edda5c8f6dd7
37b1f3e9cbbcc0d7030c8d593bc4d8684db114696b0b47b9d73b3215460da080
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 18 Jan 2023 04:18:33 GMT
accept-ranges: bytes
content-length: 32912
cache-control: max-age=0
expires: Wed, 18 Jan 2023 05:35:14 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB
142.250.74.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash ae4fcfd3bb8289f17828764cc78bf68d
419a8b535f6058a4b6b23b6fd0ff5ac54f2e4c46
ed0b7572376339337ac819131a674b1c5e57d0adf8274ecb774ff4a79d132ec3
GET /gtag/js?id=G-F8TV2PV5PB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 05:35:14 GMT
expires: Wed, 18 Jan 2023 05:35:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT
142.250.74.168 200 OK 67 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT
IP 142.250.74.168:0
File type ASCII text, with very long lines (3974)
Hash 43972b94ad3d3fe1a0d021772f6a9193
59c8887376867b7ea5fefd8d33b7a35900f52e1c
73a3296e6a6aba25f3489d802ae06146a43624e93220d2b16bf728f0d9d9bc7c
GET /gtag/js?id=G-GJFR4WCEMT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 05:35:14 GMT
expires: Wed, 18 Jan 2023 05:35:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-includes/css/classic-themes.min.css?ver=1
50.87.147.174 200 OK 189 B URL HTTP/2 www.wholenesstofreedom.org/wp-includes/css/classic-themes.min.css?ver=1
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 04:53:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 189
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f404da3b1abdefd6f64e8ab04e9cb72c
f370005dff7facaadd69b0798429288c7a7dfeb7
6401934189fb3b3e98c348bce0803f026e71bd48050af1879f19730f398d1e09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5501
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:15 GMT
Last-Modified: Wed, 18 Jan 2023 04:03:35 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
js.stripe.com/v3/?ver=1.7.0.5
151.101.192.176 200 OK 104 kB URL HTTP/2 js.stripe.com/v3/?ver=1.7.0.5
IP 151.101.192.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 104 kB (103498 bytes)
Hash bf9625a8fa2006f329464fc6234ac1d5
4abecae713f16c460ae555f63f89bfaf3bcf8e6c
d79c53ccc6286d0bb2fcf732041c8fe0f8f1e55810f074d49b5ba744da122785
GET /v3/?ver=1.7.0.5 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 17 Jan 2023 20:52:04 GMT
etag: "8a172aed28941e27d69f8834d3cc6245"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Jan 2023 05:35:15 GMT
via: 1.1 varnish
age: 44
x-request-id: 2f7b0fac-2687-46c9-bd8b-02aa655aef38
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
timing-allow-origin: *
content-length: 103498
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.7.0.5
50.87.147.174 200 OK 3.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.7.0.5
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11637), with no line terminators
Hash a678b3142d1cd03048a99f08cc028951
384bef2a3fdb57c9dc47994034a23d23546a7dc4
243eca2da170fe53242f5083c9e9ffbadada6a499cebc5487ff7e19f04fe1b43
GET /wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 2980
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0
50.87.147.174 200 OK 7.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (305)
Hash f041fd6c32f86ab9b26558833a78bae0
f68ffed0cb57c6830a2dc8a05d5d8bacb31c8a0c
a786422aed25fb0a59f5ad16fc1d2e8fd32fe0dec3863ff34dded0235eb2da29
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 7231
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7
50.87.147.174 200 OK 511 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1756), with no line terminators
Hash 78f6ff6f6a4db1988a09ceb799cd8f80
cff8f6716ad98c4efa4899e0212de580a8135dbf
8445aa5aa392e898af8c9633bd4b2e25cb8042e22ce6416cb2a0aaafcc3b7387
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:31 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 511
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0
50.87.147.174 200 OK 1.5 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f8ad5321f418cc336b2d974166330511
327e2548b3442deb616790f2bb913dd8113f0278
6bce5ef6133f16dc096ded4443f6a03d5ef1beadfbad7ae2ffe1e1ada036b742
GET /wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 1530
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0
50.87.147.174 200 OK 28 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3bcb66babe48ef567184fa9b9b3c8f18
b70c2384c382dfcb9ab4dcfa7550e2593eb030db
d3721134ff0cdb2df314e756f2ef93903d13d35b39702977158d07dbf58094d9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zGNahizGhnMhpQxlxsexepYOI7y_40It8BrZjAd041J8Ws-jBYL0Ng==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:12 GMT
age: 27363
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 27330
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 816accd72419764cabc1d038af58446c
ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08
d0b6f144ddc797108e6e85b4e835bfbeadd138ef7987661ee9e3d22790db254f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8889
x-amzn-requestid: 10583804-866b-41bc-a99b-6209bd7ae1c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1eHMCoAMF4kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ef-2351e46019a0918724721b89;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vPjapwQ2XBhjwPeNVzi3NQ0YSMyseKuyavdCo2CTFoxrRkiKXVu7lw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:08 GMT
age: 27247
etag: "ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 402bdd90bc2557de4f317d4d0ec892ed
b205b0bb74fabcf1612f22db53c197b63ae4ce0c
2fa402a38832c3efe15d5fee9116b36aeea5a0012ba4e8d6477b4fa9a0368598
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11028
x-amzn-requestid: 2b2b0030-a54b-42d1-a680-69e23c4320bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AteE7uIAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-5abf38ea140446ec294cdf6c;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 36gRhJPc8ASKV6h7W1qvKx-fca-KbtnNDFJqmumSHU38JBpoDdtL3Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 07:15:23 GMT
age: 80392
etag: "b205b0bb74fabcf1612f22db53c197b63ae4ce0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 611a72259b116192667411e884b90843
ee43d356cb1fa30ece3e8c6c0c5d21827017199a
1a6b9636c4417c8e5976b13451cebd7fda585a607f1ef97d25fc0ee9e752f707
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13094
x-amzn-requestid: c51667e3-4c74-4c43-93bb-5dff7d684fb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K84EquoAMFR2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-012b4ee95ae813250c703b51;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XgoT6J4DRRw5NtW5DcvadI9YUL4kqOKO0P8MqUhpcigaqtSTAuevUw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:19:53 GMT
age: 4522
etag: "ee43d356cb1fa30ece3e8c6c0c5d21827017199a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fa7bd40b5c3a3b5a6f95e7fca843b9
d8064f74f1e40bf6be4ea8ab4e319db22026c462
3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7361
x-amzn-requestid: 54e3621a-ec24-4d56-85bf-84239fa7811e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e23ZvGtnIAMFivg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5d2a4-7ce0e7924c03aeaa3ea684c3;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 22:41:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hamm4_4ud3QWXK2EeTcYUSN7ot6m-d-1z_NN29tSFYP25Itmz25jaA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 14:16:01 GMT
age: 55154
etag: "d8064f74f1e40bf6be4ea8ab4e319db22026c462"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playfair%20Display%7CDosis%7CPlayfair%20Display&subset=&display=swap
142.250.74.106 200 OK 641 B URL HTTP/2 fonts.googleapis.com/css?family=Playfair%20Display%7CDosis%7CPlayfair%20Display&subset=&display=swap
IP 142.250.74.106:0
Hash b4f9237f8733dba55f78fe704afd7282
dd182a9af82cc1917dbb9d58116480434245b353
07c95cba26d0f87e4c447850cceb0b393731332281d76e1823216edba2f574b2
GET /css?family=Playfair%20Display%7CDosis%7CPlayfair%20Display&subset=&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Jan 2023 05:35:14 GMT
date: Wed, 18 Jan 2023 05:35:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give-child/style.css?ver=1.0
50.87.147.174 200 OK 195 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give-child/style.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 552e25d355afc04d6c15e8f233e0a6a0
5dde284e197bb43921667e7a6ffeaa6380af7680
23542ff2bc9a5ebf1427ae796a1dcadda47eec3d2c4ec197bf5fd6b3cf4066b5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give-child/style.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:25:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 195
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5
50.87.147.174 200 OK 809 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1767)
Hash ddaad342f9e2eee77981b63a40bb0177
1663707ebe4701d1ea6a6c6f481b97d8a7739041
4e2973da84e67ede9013a65ec506ad21397de4b214a1d99425ecc15318107ce5
GET /wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 809
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0
50.87.147.174 200 OK 2.4 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash feb307ddb142f715794fe79017ddc432
3b3f234b5784f5374021bb3861add18400bd5b72
b7fefe6a4416c0bd4449e93f7c194d7e61e72f2873cd298ebff37ffc19f111e3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 2384
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0
50.87.147.174 200 OK 3.8 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (460)
Hash 4947de46614af682d0c033db2a5a99f3
a8caacbaccf3e8057c4ba5c6817b5312df192aa8
d5a1d94d423d0fac2493c55e7fddee7221c0cdb543220352eba296e52285049c
GET /wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3809
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0
50.87.147.174 200 OK 6.9 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (14502)
Hash c6d9394fda425876c2328599c4411498
e72dd420c3f060f5b359a59e5dee3d2fa37e3fbf
e711f49f904d37cf2166237f7b535018ce2ee79a61acf371f59c70bf844eb8e4
GET /wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 6873
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-F8TV2PV5PB&gtm=2oe1a1&_p=839823893&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-F8TV2PV5PB&gtm=2oe1a1&_p=839823893&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-F8TV2PV5PB&gtm=2oe1a1&_p=839823893&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.wholenesstofreedom.org
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.wholenesstofreedom.org
date: Wed, 18 Jan 2023 05:35:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe1a1&_p=839823893&gdid=dZGIzZG&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe1a1&_p=839823893&gdid=dZGIzZG&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe1a1&_p=839823893&gdid=dZGIzZG&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.wholenesstofreedom.org
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.wholenesstofreedom.org
date: Wed, 18 Jan 2023 05:35:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0
50.87.147.174 200 OK 12 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 97c7e9944fabdd9356d5a8f97cf9fee6
043c0486ddd9e50d93e0411ba9624039bec3fbb6
5dfcea994f4e4bbbfa93154e79f1111598d13050e373f26ede698609859beb79
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 12213
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4
50.87.147.174 200 OK 903 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1651)
Hash f0c8671e4f3b2742c7a17b919ee39b0d
efeb582ee4b04e4e05dec4dec12e1f7c47bb64a2
282698b2ec434d540848216bc9a81bb34612e1bd42ee9aa3dbaee3275b48b2c6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 903
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0
50.87.147.174 200 OK 1.1 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7a8b69b7dfa49ad3f740515b6cbe1f16
4a0f6c5e76cb1ee3b5f6c276da57109f5043a5a4
92509d4b59b6982d554a8138162b2006c6dc9ec4d7705efd11bdd33ae76b6b28
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1117
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0
50.87.147.174 200 OK 1.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 25b9ec27ff5db19efb7682330af1a06f
cf751465f430660c195912e6c689e7aad157b928
0e121f11f00a40e3289647897f1f1fce7e410e7a5f68a2976c219cd6cf8b11ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1177
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0
50.87.147.174 200 OK 895 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8cd8b81d8e9d1a80a608489b5bab6148
17db7eded8d75f71285c50c67cb2855ad9fb4ebc
74dd44b1c6bcae4f130320295415770afbbd4e3dacf290a9b0730f1c5bf20ef4
GET /wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 895
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0
50.87.147.174 200 OK 2.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1783)
Hash 437b343ed450c31030712423a3b61f0f
1968a5250f06a291674d301d631fb1bb3f62c501
fb4f5bc0eeb9b8223faecab1df270f50ecf904b891f4215898caf9b46fb43e45
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 2235
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
50.87.147.174 200 OK 3.9 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 13 Jan 2023 00:34:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3861
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7
50.87.147.174 200 OK 577 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1679)
Hash 9f59ed6d66849581d12406a767dfe600
c4af7451d9ad02982e6e9cd45f8265d1d9dcfdb6
47e6bfbe2bfd68f65ef568ae8bbf2c8555ed6f035a1b65156310006688b243f2
GET /wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:31 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 577
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0
50.87.147.174 200 OK 4.8 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (51719)
Hash bbb73736be32eb084dfece7d92f79b8b
edfda1062d1abe6f9762c3cfa658586aa363554e
eabef9d2d86c3d7204a06468e84e036e6772af3ed222ab0bebb4a224baf1ede8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 4776
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0
50.87.147.174 200 OK 6.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (27285)
Hash dc1824da32acde493a99791cb0659e6c
c88eb5b8490f97dd5d420b9a0525cae7ddf81175
262b48ab99c53c79f039f8245bfefdd7f9416d39b97d0a488f4da8ca8654008f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 6243
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0
50.87.147.174 200 OK 7.5 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text
Hash c2566da65169bd967f821f5d93b8a406
935c2ab3c43a3238e9f519d679aa2e809c81d99a
425e47f47e354398dd5f59ceebb72461688926a590cc68af7bde16ce7a63f904
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 7542
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
50.87.147.174 200 OK 9.3 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash efcd20e20b6f0870628a30513b22cf14
3974a9212ca714e1147b97abd4d03167f0012f7e
0586ae89290e8b96402ca804152e58884f9a8c7ef79f4a8f5409dfb17ffeb2f5
GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 9262
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0
50.87.147.174 200 OK 14 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32049)
Hash 5ba997f51189a0203209b7122ad09565
282e88d72a4357c15583de30eb3ab3a5bb162333
ba4c228290b11b1557d7df611adf91a6a49011ebc1ea22d4bfd8a38bf86cfa6a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 13577
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0
50.87.147.174 200 OK 1.9 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 40f78c8db330c0707d762ffdc3e816ff
9ba2b477193b526c6bca70c16b5a6a749abe2549
645ef77a105ce52691d8080e9692102ef05f3b967f93a831c00893dbb4b205e5
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1924
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
50.87.147.174 200 OK 17 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 175f82f86674b33fb2ebaf60de1a37c4
8aff200288093da132221fcd07dc2f53cef40eb4
af1495051b20f939690c74e7ec86a2398c8953e9cb449196a63c34dbc247281a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 16784
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5
50.87.147.174 200 OK 1.3 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3019)
Hash f0875ec95951fca622c31c22219a5b04
3d2d64cbc7e9a5eadebd36659ad470d04bd6ae09
1dbab3aeca7018530cc6a8a6ccd1c401598f395828ddf85037190e181636a880
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1346
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/footer-logo-e1591827897264.png
50.87.147.174 200 OK 5.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/footer-logo-e1591827897264.png
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 427 x 60, 8-bit colormap, non-interlaced\012- data
Hash cfc16b418c97957ec0fb6d58622b598b
b35499474c81749a0033ed656d486742c1e80237
75ef11a072b3649e7f4902b02b8bf8bbd5239149594be86fbdd830fa656a6cda
GET /wp-content/uploads/2020/06/footer-logo-e1591827897264.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:34:22 GMT
accept-ranges: bytes
content-length: 4984
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg
50.87.147.174 200 OK 37 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x192, components 3\012- data
Hash bc9fadfbce47b41c3de272acea70001f
93b058f701113d2661ed28c1bba27ea9d15f63f3
95488a4525fc07935ce83bed7866ddfc0369904ed89fbbd6b8b28d6ef334b4a2
GET /wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 11 Mar 2022 02:57:04 GMT
accept-ranges: bytes
content-length: 36679
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5
50.87.147.174 200 OK 3.7 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11046), with no line terminators
Hash 7354ac582d0abf70cb3040a5e71f61ea
519a413e7a995c8f993d31e00417706e68a746c9
f8c8a7db6bbc14588ab38fcb19928ed0463bb2dceb3440b16b58ceae5d0d69d2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3658
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0
50.87.147.174 200 OK 3.3 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8853)
Hash 5e64f5fd6495dfc1fc6e4e09633ce3c6
f25ab01843b551a17392b49e62de0ee55b3b42b2
9a1fa9a504e2329245fe415f0ac5642579a9a745c854f6e9a1ff6cd01f5b604a
GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3306
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
216.58.207.227 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Hash a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.wholenesstofreedom.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:34:17 GMT
expires: Wed, 17 Jan 2024 15:34:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
age: 50459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png
50.87.147.174 200 OK 8.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 317 x 73, 8-bit colormap, non-interlaced\012- data
Hash 9d2c9cf2594b42f0dd681d41de6f05fa
f808330a44b3c6155a56618a3a6feee73169094a
0a332dd335478654ace336353b7faeb7c2ab95d4b7caa164a757b3c4aa209eec
GET /wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:41:34 GMT
accept-ranges: bytes
content-length: 8194
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-2.jpg
50.87.147.174 200 OK 9.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-2.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash 122772576929877a1e303482d4f77f49
3b13f1af32580e9e79c053a141be80aafa1f3812
1be76afe4f9ee8ec44b00101836c95154736d58f1a760169bd9eba27baf366a5
GET /wp-content/uploads/2020/06/content-box-2.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 9237
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-5.jpg
50.87.147.174 200 OK 11 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-5.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash d95dfc4d5c13c7adf503ecbf19674a3f
caae1108fc0a26c6a9e0cf917345f8a7f0e724ff
03f6bbf1642223f38e76d2c553b65a59491e0b81fc6e17da037f40d780c82297
GET /wp-content/uploads/2020/06/content-box-5.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 10926
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0
50.87.147.174 200 OK 4.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 51af100a0b61740b796a3cc873ff93ba
12c4a5168e6559dbbe04a6e0189badfd9945399c
6711b890da64b05da0d077dda9b213f75c74ce5c270507c6987ceaa839f59385
GET /wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 4246
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0
50.87.147.174 200 OK 6.4 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12478)
Hash 30cd63f56380f5c6d763d4c9d5c9c134
37c8d1ba553f8d6734138a940373e5d8696b6717
a66de079905c68e6d31151cf9d304a310a1652846cac219781f7abb98e4e465d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 6378
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-1.jpg
50.87.147.174 200 OK 14 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-1.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash 754c8f903c5cefaeeb61f66f75293937
3526c2db941da0d4010cc99ba65ced076e25cd34
35a14ceb04bb46b28d042765d9906ed32115b71bb9e88e5cbd70467144aef9cd
GET /wp-content/uploads/2020/06/content-box-1.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 13855
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-4.jpg
50.87.147.174 200 OK 20 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-4.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 360x270, components 3\012- data
Hash 9276523abea9242110d453415e089d70
4b2213ce0a4e38013227eb09e7ae44eee3e2ade6
2d410ceb2f84455efaf751a4e0b486781130ad45f4be77d31af64fbdd6830ede
GET /wp-content/uploads/2020/06/content-box-4.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:40:16 GMT
accept-ranges: bytes
content-length: 19796
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
50.87.147.174 200 OK 7.2 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20096)
Hash 0d6847600aac71ee1e060272e8795d90
efcad83a912cd1d9fc5ccb901169769ad268e378
8c105b6acc26cfa2d4cf910c10044bd1e39fec92333adc9fc43681ede25ce103
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 7183
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0
50.87.147.174 200 OK 7.8 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5623e38a4742a3e22236ed68a8229e81
1c4a2274b118b6f15f7d490418d5c4bba157b2ba
c5c220be7c09ba533f23d9495092921473c481bd810467439a0a26cb92b62368
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/js/init.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 7814
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0
50.87.147.174 200 OK 9.6 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21014)
Hash 006ebdd6b49adaffd1cb172bb699ba1b
34b1c1356f74b47f38ba4de7596693142c1794c5
82dcb093f13742e059bc47bebfdba4f9cbb517525731b9d7b782ea16947677f8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 9589
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-3.jpg
50.87.147.174 200 OK 32 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-3.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash 6aa73ff061256221395b65f2074545e8
9e5430b2d040f6eefe1f9e540d794a95074a701d
1be0f52573e432fd6112acb8cdcd92e64b7227b73be5b799cb906d67191f535f
GET /wp-content/uploads/2020/06/content-box-3.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 31804
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0
50.87.147.174 200 OK 11 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a2aad3189aa3aaadb193d61c2b3a1f5e
fff7618c10068982d0dfe332e4fce693119cb492
53ff99d05aaf7df988c73687c8406a8c31ba491657d0ebba925e547630c0492b
GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 11181
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-6.jpg
50.87.147.174 200 OK 41 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-6.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Hash 232218ff3c5f443155dbf5bc044b3aa1
5a98ab7e3fcb6dd4b81978b42143413e1446737a
a00b84b6aed78b1b5d54a78b79dace69115f88d6424ae7fe371fa242a1498de6
GET /wp-content/uploads/2020/06/content-box-6.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 40577
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0
50.87.147.174 200 OK 14 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32033)
Hash ad7339964f395566ac9d75903d96b9de
ea5756ab8d399418e0f862a8ff1249df3f77790f
3adfc0a685bd6eee9638948b1085d3db733c75caff8409b7582e356671588491
GET /wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 14394
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/tagline-2-e1591803536501.png
50.87.147.174 200 OK 63 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/tagline-2-e1591803536501.png
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 768 x 323, 8-bit colormap, non-interlaced\012- data
Hash 0b88c7fd30b1c2d501234e4cc6e8080b
5a4f044fe41f97c4856b433d512af8a12d8ca78e
a6de47191a6b2fb4f82b2750f1251d7c8cd1ba9e21bb6c0a287208adea85a54d
GET /wp-content/uploads/2020/06/tagline-2-e1591803536501.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:41:04 GMT
accept-ranges: bytes
content-length: 63257
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/images/loader.gif
50.87.147.174 200 OK 604 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/images/loader.gif
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 16 x 16\012- data
Hash 54dafab72c7ad4425d572a3eb4b8a050
4f39e547ca948ed0e515d46f76e3304d42c17846
88295ba8ceae926052e37403b4613b76ce6e5626393937f55ddc63ed015ca46d
GET /wp-content/themes/born-to-give/assets/images/loader.gif HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
content-length: 604
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/gif
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0
50.87.147.174 200 OK 2.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text
Hash 82303cc8f20f18963755d4393d0d664c
1981ae3a7c47cb4832dfac867f5697dcc4fedf67
a7a91692f223398e340268102da47345d5b0bf15841151510121c10bd229c4ac
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:16 GMT
content-encoding: gzip
content-length: 1960
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/clock-icon.png?id=2581
50.87.147.174 200 OK 2.0 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/clock-icon.png?id=2581
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 700 x 225, 4-bit colormap, non-interlaced\012- data
Hash 169a7b7f35665c1000c654b9fa7e5f65
30d4290372f472ffcc6a3e326322e44a9c0cf384
e125fed0bf281a5a81a6bc4876ca75c8ca928650173bf173201a885e582d54e8
GET /wp-content/uploads/2020/06/clock-icon.png?id=2581 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:38:30 GMT
accept-ranges: bytes
content-length: 1993
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/project-3.png?id=2578
50.87.147.174 200 OK 2.8 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/project-3.png?id=2578
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 500 x 225, 8-bit colormap, non-interlaced\012- data
Hash a02d14f0acbfe55a2a59114f886958fe
6b6b60afaa3b6e5a5fa49bb767781e6f710c6a88
1ce162cd69a42078083d88d77b35139496df3436c875325a4bd64ac5bb90cfab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/06/project-3.png?id=2578 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:39:10 GMT
accept-ranges: bytes
content-length: 2751
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/hand-icon-2.png?id=2580
50.87.147.174 200 OK 2.7 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/hand-icon-2.png?id=2580
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 700 x 225, 8-bit colormap, non-interlaced\012- data
Hash ab7185a5cca91f87641c4051317281e7
d2bd18ec9edcee1d9a5e50776204b4f2ac2e843c
decb4a85e68583477b05bc5675ba1f0f373c27e8167c9eb97e555bfd15e61228
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/06/hand-icon-2.png?id=2580 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:38:50 GMT
accept-ranges: bytes
content-length: 2651
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/fonts/fontawesome-webfont.woff2?v=4.5.0
50.87.147.174 200 OK 67 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Hash db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/css/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
content-length: 66624
cache-control: max-age=10368000
expires: Thu, 18 May 2023 05:35:16 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
50.87.147.174 409 Conflict 83 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:17 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg
50.87.147.174 200 OK 149 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 2048x1367, components 3\012- data
Size 149 kB (149315 bytes)
Hash 6ab64ac8723b271ef860c24b7e20b0d8
15f9deb8f67b3604e72fef95946ee9434e453cdd
bfc159e78ace8204116de568f9a811859d04f23f5f8df35d74143be440819002
GET /wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 04:17:03 GMT
accept-ranges: bytes
content-length: 149315
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
151.101.192.176 200 OK 122 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 151.101.192.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 0fb49bf445ceac1dcb1b6c5d284a57a1
8988f3ceef20a494a419e595e8d802a0dc663c7a
5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Jan 2023 05:35:19 GMT
via: 1.1 varnish
age: 5650194
x-request-id: 210174a0-0701-468d-b1b5-3e626d0c6937
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 21636
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
151.101.192.176 200 OK 332 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 151.101.192.176:0
File type ASCII text, with very long lines (526)
Hash ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Jan 2023 05:35:19 GMT
via: 1.1 varnish
age: 5650194
x-request-id: 200ba760-4a78-40a2-bd44-6cdaa06cae08
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 18447
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2
m.stripe.network/inner.html
54.230.111.59 200 OK 930 B URL HTTP/2 m.stripe.network/inner.html
IP 54.230.111.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash fc2e029628f163bb59adc6fa5a31161c
0f4547ae510d1bf36e3630d41bdab29d64c03d64
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Wed, 18 Jan 2023 05:33:11 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8UjUL9qMzGGRMQCuSuwY89NjFRx4bJYAIyao6ghSQmMkNmciWFCh3w==
age: 138
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:19 GMT
Last-Modified: Wed, 18 Jan 2023 03:49:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
m.stripe.network/out-4.5.42.js
54.230.111.59 200 OK 18 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 54.230.111.59:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash ecee18d496ca8f879677bef3bb76b6c0
9ff9edb6ea7e528a79d80c3bb38071e8dd6cf7e7
065f4e22eb3bdb619e1f234e714894ee6aef5a16f4e6f11305c4a81de159448b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
date: Wed, 18 Jan 2023 05:30:42 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mX3lrm51e-g9wFVbNQ7uz5MMk16wGyeTuwaDBi_aRc23AGIxxstyXw==
age: 279
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:19 GMT
Last-Modified: Wed, 18 Jan 2023 03:49:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 07931783d8a6b1253cc763eb5b6caead
f8c95a271abc4613dd3890569d3b8bbc804626e8
fdbbb489e88cd83d33a37b8cb32a6b45bf22d0e612d3ddfd3daa32e0fc100af2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4332
Cache-Control: max-age=149508
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:20 GMT
Etag: "63c71931-1d7"
Expires: Thu, 19 Jan 2023 23:07:08 GMT
Last-Modified: Tue, 17 Jan 2023 21:54:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0
50.87.147.174 200 OK 120 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32065)
Size 120 kB (119841 bytes)
Hash 517b1c7f4c104975d2d1eb50d7dc3d7b
2dea0298db477398a4da7a9dbde1d3a5bd29b085
4f0c80a3c756595bb985d15831e8a7c0bf8ff9f823c298a6dd4218d055ec91c0
GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
m.stripe.com/6
54.149.171.250 200 OK 156 B IP 54.149.171.250:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7f6b9e431e584dd58c80f19e5c3f0d6b
deb612bc8c17876b31e0bd663111d729c0d46799
096af9e207c9ffa968d898c919d0df9ecc14e720ca893c494b769a8f56fecd12
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2320
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 05:35:20 GMT
content-length: 156
set-cookie: m=f20e82b0-9668-41ee-8603-795ce01f306d766a6a;Expires=Fri, 17-Jan-2025 05:35:20 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-bg-intended-route-color: green
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561
50.87.147.174 200 OK 285 kB URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2048x1365, components 3\012- data
Size 285 kB (284573 bytes)
Hash 1da36ae1f1f553480954cad42fa3a915
8ea96d0369481f3ecdbb396f28230957d2703d0f
b0ab25683b22d4e203408732f467e7f868cee58208ba8abd2855c29007f5642c
GET /wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:39:26 GMT
accept-ranges: bytes
content-length: 284573
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 16 Nov 2022 00:02:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled-e1591933425593.jpg
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled-e1591933425593.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2020/06/wtf-image-scaled-e1591933425593.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:33:11 GMT
accept-ranges: bytes
content-length: 352159
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:19 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 1092367
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/uploads/2019/06/Home-Page-Slider-1.jpg
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/uploads/2019/06/Home-Page-Slider-1.jpg
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/uploads/2019/06/Home-Page-Slider-1.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 04:34:09 GMT
accept-ranges: bytes
content-length: 287362
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:19 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8
50.87.147.174 200 OK 0 B URL HTTP/2 www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8
IP 50.87.147.174:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:55 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2