Report - wholenesstofreedom.org/autem-quos/documents.zip

Report Overview

Submitted URL
wholenesstofreedom.org/autem-quos/documents.zip
IP
50.87.147.174
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-01-18 05:35:24
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
72

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
m.stripe.com	1092	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	723 B	54.149.171.250
wholenesstofreedom.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	854 B	931 B	50.87.147.174
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
js.stripe.com	1149	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	107 kB	151.101.192.176
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	530 B	21 kB	216.58.207.227
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	788 B	146 kB	142.250.74.168
m.stripe.network	1204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	864 B	20 kB	54.230.111.59
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.1 kB	216.239.32.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.4.251
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	68 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	1.4 kB	142.250.74.106
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.7 kB	93.184.220.29
www.wholenesstofreedom.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	36 kB	1.1 MB	50.87.147.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-18	medium	wholenesstofreedom.org/autem-quos/documents.zip	Malware
2023-01-18	medium	wholenesstofreedom.org/autem-quos/documents.zip	Malware
2023-01-18	medium	www.wholenesstofreedom.org/	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give-child/style.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/uploads/2020/06/project-3.png?id=2578	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/uploads/2020/06/hand-icon-2.png?id=2580	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/fonts/fontawesome-webfont.woff2?v=4.5.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0	Malware
2023-01-18	medium	www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (49)

	URL	Size	First Seen	Last Seen
	www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0	9.2 kB	2023-03-07	2024-05-04
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:50 Last Seen2024-05-04 14:55:52 Times Seen3209 Hash 5ff487a413612cbbf6bc391c10ff7bac acbbd8a96ecad33158f29e45afcd41e4b2dd6579 357ad057de8ffc0fc9df301dd1873c3d482e926791195ee262da3886269f84d8 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0	21 kB	2023-03-07	2024-05-01
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-01 00:26:34 Times Seen2411 Hash be3333626c57af03599abcb59b325e09 3824067348f6485d6b07d3a43660804e3731b21a ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc Loading...

	www.wholenesstofreedom.org/	153 B	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-03-17 11:27:11 Times Seen1 Hash 2c29c06f4595b62c900c242162b35b7b 3958a43e443f8dc659dfb295efeea13c9d224ddc cbfa9d9cd052e7d3f18f472819522691e8dc40d309cfac864ea8d52127ac7851 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0	66 kB	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-03-17 11:27:11 Times Seen1 Hash c03dca0094f1155d57edac2de462ef98 a0a1f3bb85cf1dad5dbfb21d96b127a8cc1a8561 b7ff339d46aa58b0c8d8ba1d9487f839f67df2e0eff1d36e072e2c6385b91881 Loading...

	www.wholenesstofreedom.org/	153 B	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-03-17 11:27:11 Times Seen1 Hash 86b4521c8ba96526ba13aa16c487c13a 58d2afbc2498521d4acd0014c441c13a5dbfb116 0820d44a62ff254712fe6778a02822e5f9a0dd2eec7bc65b9871bc09477b6dbd Loading...

	www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT	182 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:56 Last Seen2023-03-13 01:53:56 Times Seen1 Hash 3f83d13c2201fb2fbab4f2dd13fcc1cc 92e88d425494f1b55c2816ba4400fc2512770fb1 0a1e09e4f4c2700af5941d62ffef84448f1bab963f4797a0317857edd78d719f Loading...

	www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1	12 kB	2023-03-07	2024-05-04
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:48 Last Seen2024-05-04 08:56:20 Times Seen5607 Hash a76f61318af036823b08d73536486be6 31ff9b215dcef9151b9f4fc50ea91a9df1962102 abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e Loading...

	www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5	11 kB	2023-03-13	2023-04-15
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:56 Last Seen2023-04-15 03:59:08 Times Seen3 Hash 12c43ab954795b1aa659c9aed391d1f5 1d392bd48e0578070aeb6eb8bfaa7058e87d02ee 50cac29d2c799befabb2b3b790ce78553d708bb18677b17bcac83cecd67d3489 Loading...

	m.stripe.network/inner.html#url=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&title=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&referrer=&muid=NA&sid=NA&version=6&preview=false	809 B	2023-03-07	2023-04-05
Pretty URL m.stripe.network/inner.html#url=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&title=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&referrer=&muid=NA&sid=NA&version=6&preview=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-04-05 02:11:07 Times Seen392 Hash c27cf622675c4437d72f0a597fc0b071 7b93ce05044f359f9ba5a335fe47c6aa462d7251 7bf26abb893d1a4d590963ba4ad02c7e11778bbaa02307ee8ad683d60f43caf1 Loading...

	www.wholenesstofreedom.org/	487 B	2023-03-13	2023-03-14
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:56 Last Seen2023-03-14 06:19:56 Times Seen1 Hash 6593b07f9d3b3f748fc6b481d0fd8677 48232f51770ed52d81a72b25dcb5c2961f1aff7e 0ce86099bb2282e9557d9f25d5bf6175f1afbc9e3038264ff532cf9d43fc7fbf Loading...

	www.wholenesstofreedom.org/	753 B	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:22:52 Last Seen2023-03-17 11:27:11 Times Seen1 Hash 3a0424359255e90dd122c784f048142f 533bafe3211cb78486931a0db45fa79b334732fd 46d14ace75280364b344cb425f1f50e43f2cd10e4769649a98adfd3e59d86ba3 Loading...

	www.wholenesstofreedom.org/	1.1 kB	2023-03-13	2023-03-14
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:56 Last Seen2023-03-14 06:19:56 Times Seen1 Hash f180be59efa26513eb25be4a71aac89f 35361a5eef972476b076f8c0b86379c3dc83de2f e25e00785122d5c680b2e46c216d665b769ed245be99c1115f8ec4f206c51941 Loading...

	www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7	1.7 kB	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:22:52 Last Seen2023-03-17 11:27:11 Times Seen1 Hash e715277ad22842b52040a067888a40ef ce20ffb206c8f100aec8a6a6b76e4f9acf0ec9b0 b84fc3bd515380c04713cde1e76d4264abd1bc6e256ed6d6ea8665e1fb5b1451 Loading...

	www.wholenesstofreedom.org/	343 B	2023-03-13	2023-03-13
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:56 Last Seen2023-03-13 01:53:56 Times Seen1 Hash 680bc77bb64c5b0b5c4b964e78cf0272 7206c08c41c0b0fc874ffc09e289c78709133d31 9b4d93a218e8f6921d53259b315289f4a155b8d1407aca3e70747da17170eb32 Loading...

	www.wholenesstofreedom.org/	1.7 kB	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-03-17 11:27:11 Times Seen1 Hash eff0bc1255485b6fb9b799c07290213a 4944f0697e50d124df9d617b3dc89eed3dc2b1a3 c42b8ad55cde209c972e6b1c064ee6e4e0eca68987945abc8db0a21623426b85 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0	26 kB	2023-03-07	2023-03-14
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:22:24 Last Seen2023-03-14 06:19:56 Times Seen1 Hash 62761dda45fa85ee695ac9f68b1d0693 bb281d5f869adc8989fb566890dcec01a4f6fc42 c92c2f8333e3c0a142ef6b203f449fa74fb3bad63e47a5cfb68892a303a75756 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0	39 kB	2023-03-07	2024-03-08
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2024-03-08 13:55:59 Times Seen77 Hash f3292da2b56cb4ce96bb327f92a33012 da99da51d19741e94d51777369f398a63c3d2ef0 14e619a4bceb4cafa0cf1832e59d42897bdf87be967a4781d8b5f3bb8852702a Loading...

	www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-05-02
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:40 Last Seen2024-05-02 05:19:06 Times Seen701 Hash 455f4240b81915ea051b23d783291b6b 6750ac2287aa2f28c6125bec29af18b8a620d0c6 3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0	40 kB	2023-03-07	2024-04-27
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2024-04-27 12:45:27 Times Seen188 Hash 4b8e19f3dc3a22572352e6abc41762b3 10bbcc4f3054fc460b4554f67d6b12c1478eb061 026b7d9dec37d7235d687d1d5d55e14c840ebcda96d536a4cb42821e51aa831d Loading...

	www.wholenesstofreedom.org/	89 B	2023-03-07	2023-10-23
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:22:52 Last Seen2023-10-23 13:32:38 Times Seen2 Hash 6e71fbc7040c2af45d3e941e3235581d a0b6a2aa1293b82e552d0408f232e1d4bf37991d dba92d13355fd09f433501d9c47448bb08e0ca8381e4b3f9df86f69d016d7276 Loading...

	www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31	392 kB	2023-03-07	2024-05-03
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-05-03 06:48:11 Times Seen772 Hash 57873e88ecc07a217b2b7149a169d6f7 9e61a16932f643d23582b07bb7f780059866b37f d048af27682e7811ddf8a3be2684b8446f5c16c4fb39141567913ac8aac28fc0 Loading...

	js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js	631 B	2023-03-08	2024-04-03
Pretty URL js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js IP 151.101.192.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:46 Last Seen2024-04-03 16:20:49 Times Seen6173 Hash f8f6a4584135f737b26927596ce6e0a7 609ea9e9c46563fb1dc78a7967c926394e73ffab 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Loading...

	www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4	1.7 kB	2023-03-08	2024-02-12
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:19:28 Last Seen2024-02-12 18:39:30 Times Seen37 Hash f393ca558c7fe9b649da5641346adefc f3db0fe4f0eddebc031c9b387b6e3adf08bd9278 5537153f374c72a6ef0746f6d34dd19959347bcae9081fb33bdd39d9379fcead Loading...

	www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp	24 kB	2023-03-07	2024-04-12
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-12 06:12:43 Times Seen683 Hash 8bd074658806c4a7fe21e04cd60aef4f fc41316c88cc93fca469e18a99614ad318a34ed4 708883a21754b3f7e1653d1d358663d65309e97d673a5934990c73f46df22d4c Loading...

	www.wholenesstofreedom.org/	446 B	2023-03-07	2023-12-04
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-12-04 14:39:47 Times Seen14 Hash e78d7a210f32b994baf56214c86badd2 2f9f8f9d9ed066b7625beba4463ea757840ae26c 70751553cfa3b541ef3d0415fcc7a1738931444c8f15339748481483b450f51e Loading...

	www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0	20 kB	2023-03-07	2024-05-02
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:46 Last Seen2024-05-02 16:50:15 Times Seen2151 Hash 6ce179ee275d3bd58d0407b79d6366cd fb1393daafde2f3e85f31777543c3194a4ab11d0 1bd0097cd9d76a31566f4236a1aaa31cdd43c5857a9502679805fddbc7599a54 Loading...

	www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5	3.2 kB	2023-03-07	2024-05-02
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:03 Last Seen2024-05-02 06:26:39 Times Seen525 Hash b34ee54abcdda3f94566ea5e7312fdbc 4230cb168bd0bc6f831da5ac89517c865e0bda96 de4945bf8c32247c3570f1945b4af05f3efb440b46c93c18d2f428ae9162c8ea Loading...

	www.wholenesstofreedom.org/	82 B	2023-03-10	2023-03-14
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:23:14 Last Seen2023-03-14 06:19:56 Times Seen1 Hash 8b9beaeae3824a7ef206e04e82bc978f 832333a9a7f8c7b6a6eaf9bbe9121dccf35b338d 4aa8d09cbdf0706a04c56a8cdfdd76dd2dc1cecaf85f952f10af24fa008c8e43 Loading...

	www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB	221 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:56 Last Seen2023-03-13 01:53:56 Times Seen1 Hash 5f5e5b42f4fdacd023faf5ac38929a1d 9d3db942c6d0c3f307c152cb10fa93bbe361555c 4956d13371f28693062295cf986f9ef12565ef2fa6995034b5606e0e4fec460f Loading...

	js.stripe.com/v3/?ver=1.7.0.5	432 kB	2023-03-13	2023-03-13
Pretty URL js.stripe.com/v3/?ver=1.7.0.5 IP 151.101.192.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:43:26 Last Seen2023-03-13 02:27:40 Times Seen1 Hash 8a172aed28941e27d69f8834d3cc6245 8de1b6bcc1efd0af730470ec144ed304fe0e2cae 223b52dfe12563a075dae0af3bf281575b4bde67ce2679ce80308e1f1fd904ca Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0	34 kB	2023-03-07	2024-04-13
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:50 Last Seen2024-04-13 11:06:50 Times Seen136 Hash 89f87298ad94aa1e6b92f42eb66da043 d8c0a049a5431416c60f152386dd6f3beaabbba4 b8559046a798fb7e60a22975d8cc0be190c63702654a7074d7e3f0b2ac4bd51a Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0	2.3 kB	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:22:24 Last Seen2023-03-17 11:27:11 Times Seen1 Hash b3193350087227dd33042ed45f1736d3 28e1339b25f61505cb942296c322a970811be17f bbede688756e444e7c9cfc43e16c38fd5d1388f0e06a1ea8e8d5f5c4a3babbc0 Loading...

	connect.facebook.net/en_US/sdk.js?hash=d4564e90db3f92e07a0eb023ef144606	313 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/sdk.js?hash=d4564e90db3f92e07a0eb023ef144606 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:27 Last Seen2023-03-13 01:53:56 Times Seen1 Hash c5c860dc47bcd6cdae65beb5dca03fbc 55f72a93f778669e21263f1e4f3f2771e8e272ba 61edc17b59e662ec4ae00645c8371d4bd3e7b5f9c2583276724ffe52e8a19e42 Loading...

	www.wholenesstofreedom.org/	332 B	2023-03-07	2024-05-04
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-05-04 18:15:52 Times Seen9227 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0	37 kB	2023-03-07	2024-05-04
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-04 20:42:31 Times Seen55229 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	www.wholenesstofreedom.org/	2.1 kB	2023-03-07	2024-05-04
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-04 09:14:15 Times Seen6395 Hash 9cd47ac5a0389a37b4d8e7d194e17c9a 9121da7907e37462c10ce8616f06b5c22f640744 ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda Loading...

	connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.0	3.1 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:27 Last Seen2023-03-13 01:53:56 Times Seen1 Hash ce4de27334cbbc22fb3d9cb4a0e80f08 16f96a5ae143b587e2c57bafebe65ed94c1d726e 96fbf7bd459b203937141232c53820386df1aedf5d949933284eb11116df7946 Loading...

	www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0	13 kB	2023-03-07	2024-04-29
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:33 Last Seen2024-04-29 06:34:21 Times Seen439 Hash c5435148b11560c8fca9c2f32fb51da8 0925e819e0952b9e47826ee794b2657382cd0242 07edd93ddd16d77b8a64d17ea9e24c6fe7ca547fa7843363289da278bfc99809 Loading...

	www.wholenesstofreedom.org/	3.4 kB	2023-03-07	2024-05-04
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-04 08:03:32 Times Seen6206 Hash a94b76e45c11675df9f26fd25a8e4359 1cd29363bb1b514e6f7ef031f1831008df181f17 4569f5c3704a88394335b0fabccd6460ba5e582c3058f9286f42cc589da02899 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0	4.5 kB	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:22:24 Last Seen2023-03-17 11:27:11 Times Seen1 Hash e81b167a57f599ae32ec05dee0d870bb f2095f6e709800d9e9427837d9ea23caf94710bd 40d5810a4c26eb13a3abdb8fa8937dc25cf9d9633e04a5cea290bb52f3f9babd Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0	15 kB	2023-03-07	2024-04-28
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:43 Last Seen2024-04-28 17:39:46 Times Seen1168 Hash cf6d24b271a128c1564697131d29cd07 281c5937a9c49402bff5ed2d9374578f9dd68801 1acda5dc3f8982d34c308da783d450a9ff4ca79ee6a2b27414bb6a7400ebfd15 Loading...

	www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5	1.8 kB	2023-03-08	2024-02-12
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:19:28 Last Seen2024-02-12 18:39:30 Times Seen37 Hash f42367608b4ea6fa8ce50cc0db1a7666 d8913d9edbb66159cffafcddd7a30476f2bf6ccf 49c34e5d31ee98f95f0a3a058baab8c4d13ce78337b3549172bbbd1656488f9d Loading...

	www.wholenesstofreedom.org/	378 B	2023-03-07	2023-03-17
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-03-17 11:27:11 Times Seen1 Hash ab29fe9749e15826921944225468c6a6 bbe5c2448caf5e1787270958c5b66bfb300d27f5 55e8779485025c772d465d65bd8cfae188055c4539fedd5121cad51ef3b6a9b6 Loading...

	www.wholenesstofreedom.org/	2.3 kB	2023-03-07	2024-05-04
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-05-04 09:26:12 Times Seen8013 Hash f0bef95e258d5b84f82c5d4e29252176 eac5936c555c039bc38816d0916e13c0b364d797 a6c3ffec54ef5f2ca033b1fcdf84e1feac93437a3d8d4439667e9276ca2a9836 Loading...

	www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18	129 kB	2023-03-07	2024-05-03
Pretty URL www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2024-05-03 06:48:11 Times Seen2163 Hash 0ce245fda586eafae053aa341ccdd2c7 3f0e5d08540860f4e1c4ba0db2bd3decf481ea44 5c9203860ae657336596c738730f9d362e00bb9948a0f581fb074270c328e26b Loading...

	www.wholenesstofreedom.org/	6.0 kB	2023-03-13	2023-03-14
Pretty URL www.wholenesstofreedom.org/ IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:53:56 Last Seen2023-03-14 06:19:56 Times Seen1 Hash 55dc8897f464dbebc2c6a2485cde0d99 ab44a286fc72c265364321369040e281ed4eb012 7ba5240ea6840cc5d1612bc68196521cd90f713971ae2c4cc46964194b2d51a4 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0	14 kB	2023-03-07	2023-03-26
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-03-26 10:26:31 Times Seen2 Hash af5c4849ea3dc106841421aa1cbe85f4 9ffe0c21161d4cc5ad41382db270177de1968784 4321be0cff91ef549a75221f19522807b28d2ad2baf667e952f9112b4f0df5a0 Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0	57 kB	2023-03-07	2023-10-31
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-10-31 11:06:55 Times Seen16 Hash bbdaec2b95562cd9430b262d3320c7b4 80aeb5091422769422ee02e1cb14496f78623f4c f971c47450d55d484ab28fe8ff47684ac74cae69dd7455489f736f4ce87e8dae Loading...

	www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0	80 kB	2023-03-07	2023-03-26
Pretty URL www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0 IP 50.87.147.174 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:08 Last Seen2023-03-26 10:26:31 Times Seen2 Hash f25c3944145e1c4210eab757d392ea9c 50f4ec20dde4ea33e789f91bd44870785d7636bc 00ed08c43b528c8601511b7ff28e6937ae35fb3100deef49893f2d0064745630 Loading...

HTTP Transactions (116)

URL IP Response Size

wholenesstofreedom.org/autem-quos/documents.zip

50.87.147.174

301 Moved Permanently

263 B

URL HTTP/1.1
wholenesstofreedom.org/autem-quos/documents.zip
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
263 B (263 bytes)
Hash
7049920d126c002fb3362db4438bb2a4
bf660d9294250cd47dd83490a6f4ece5ac0305a0
9e8846e0b4bac0b01da8b3d3402c2d1a0fa1f7e1049071a2a36043de160c878e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /autem-quos/documents.zip HTTP/1.1
Host: wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 05:35:12 GMT
Server: Apache
Location: https://wholenesstofreedom.org/autem-quos/documents.zip
Cache-Control: max-age=0
Expires: Wed, 18 Jan 2023 05:35:12 GMT
Content-Length: 263
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12510
Expires: Wed, 18 Jan 2023 09:03:43 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11550
Expires: Wed, 18 Jan 2023 08:47:43 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 04:49:19 GMT
content-type: application/json
age: 2754
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Wed, 18 Jan 2023 08:37:36 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OQeJytErRs71xVLBSY+GBoDK1Ze21OlAZMhImD9A+UWIkbKmWWhEEpTht4pxZWGlg8O5qb8Jk3s=
x-amz-request-id: MH6SM3W2TFSXTCFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 04:56:33 GMT
age: 2320
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 05:35:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 04:48:57 GMT
age: 2776
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd14c51d57b8c23e0867d4e8f74f41e1
a23abed88193d68131b3912b542d5d839adbe9b0
109c416d630f820e682de6d099ae38a520aa296ad1f0fe8bbebf3927c83b4f66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "109C416D630F820E682DE6D099AE38A520AA296AD1F0FE8BBEBF3927C83B4F66"
Last-Modified: Tue, 17 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Wed, 18 Jan 2023 11:34:36 GMT
Date: Wed, 18 Jan 2023 05:35:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:13 GMT
Last-Modified: Wed, 18 Jan 2023 05:24:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

wholenesstofreedom.org/autem-quos/documents.zip

50.87.147.174

301 Moved Permanently

0 B

URL HTTP/2
wholenesstofreedom.org/autem-quos/documents.zip
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /autem-quos/documents.zip HTTP/1.1
Host: wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
expires: Wed, 18 Jan 2023 06:35:14 GMT
cache-control: max-age=3600
x-redirect-by: redirection
vary: Accept-Encoding
location: https://www.wholenesstofreedom.org/
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:35:13 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.4.251

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.4.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +SiGeMqgjmW60ipB896XoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a6PDymv7k5LetmwuKbuTqaRnwxw=

www.wholenesstofreedom.org/

50.87.147.174

200 OK

33 kB

URL HTTP/2
www.wholenesstofreedom.org/
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Size
33 kB (32912 bytes)
Hash
057edd9fd7b0a5a903bfecd1469a31b7
8a86116b42a49f2281d841593bf4edda5c8f6dd7
37b1f3e9cbbcc0d7030c8d593bc4d8684db114696b0b47b9d73b3215460da080

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 18 Jan 2023 04:18:33 GMT
accept-ranges: bytes
content-length: 32912
cache-control: max-age=0
expires: Wed, 18 Jan 2023 05:35:14 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-F8TV2PV5PB
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (20080)
Size
77 kB (77379 bytes)
Hash
ae4fcfd3bb8289f17828764cc78bf68d
419a8b535f6058a4b6b23b6fd0ff5ac54f2e4c46
ed0b7572376339337ac819131a674b1c5e57d0adf8274ecb774ff4a79d132ec3

HTTP Headers

GET /gtag/js?id=G-F8TV2PV5PB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 05:35:14 GMT
expires: Wed, 18 Jan 2023 05:35:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT

142.250.74.168

200 OK

67 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-GJFR4WCEMT
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3974)
Size
67 kB (67380 bytes)
Hash
43972b94ad3d3fe1a0d021772f6a9193
59c8887376867b7ea5fefd8d33b7a35900f52e1c
73a3296e6a6aba25f3489d802ae06146a43624e93220d2b16bf728f0d9d9bc7c

HTTP Headers

GET /gtag/js?id=G-GJFR4WCEMT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 05:35:14 GMT
expires: Wed, 18 Jan 2023 05:35:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-includes/css/classic-themes.min.css?ver=1

50.87.147.174

200 OK

189 B

URL HTTP/2
www.wholenesstofreedom.org/wp-includes/css/classic-themes.min.css?ver=1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 06 Nov 2022 04:53:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 189
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f404da3b1abdefd6f64e8ab04e9cb72c
f370005dff7facaadd69b0798429288c7a7dfeb7
6401934189fb3b3e98c348bce0803f026e71bd48050af1879f19730f398d1e09

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5501
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:15 GMT
Last-Modified: Wed, 18 Jan 2023 04:03:35 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

js.stripe.com/v3/?ver=1.7.0.5

151.101.192.176

200 OK

104 kB

URL HTTP/2
js.stripe.com/v3/?ver=1.7.0.5
IP
151.101.192.176:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (103498 bytes)
Hash
bf9625a8fa2006f329464fc6234ac1d5
4abecae713f16c460ae555f63f89bfaf3bcf8e6c
d79c53ccc6286d0bb2fcf732041c8fe0f8f1e55810f074d49b5ba744da122785

HTTP Headers

GET /v3/?ver=1.7.0.5 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 17 Jan 2023 20:52:04 GMT
etag: "8a172aed28941e27d69f8834d3cc6245"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Jan 2023 05:35:15 GMT
via: 1.1 varnish
age: 44
x-request-id: 2f7b0fac-2687-46c9-bd8b-02aa655aef38
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
timing-allow-origin: *
content-length: 103498
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.7.0.5

50.87.147.174

200 OK

3.0 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.7.0.5
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11637), with no line terminators
Size
3.0 kB (2980 bytes)
Hash
a678b3142d1cd03048a99f08cc028951
384bef2a3fdb57c9dc47994034a23d23546a7dc4
243eca2da170fe53242f5083c9e9ffbadada6a499cebc5487ff7e19f04fe1b43

HTTP Headers

GET /wp-content/plugins/charitable/assets/css/charitable.min.css?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 2980
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0

50.87.147.174

200 OK

7.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (305)
Size
7.2 kB (7231 bytes)
Hash
f041fd6c32f86ab9b26558833a78bae0
f68ffed0cb57c6830a2dc8a05d5d8bacb31c8a0c
a786422aed25fb0a59f5ad16fc1d2e8fd32fe0dec3863ff34dded0235eb2da29

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/css/bootstrap-theme.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 7231
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7

50.87.147.174

200 OK

511 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1756), with no line terminators
Size
511 B (511 bytes)
Hash
78f6ff6f6a4db1988a09ceb799cd8f80
cff8f6716ad98c4efa4899e0212de580a8135dbf
8445aa5aa392e898af8c9633bd4b2e25cb8042e22ce6416cb2a0aaafcc3b7387

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/charitable-recurring/assets/css/charitable-recurring.min.css?ver=1.1.7 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:31 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 511
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0

50.87.147.174

200 OK

1.5 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.5 kB (1530 bytes)
Hash
f8ad5321f418cc336b2d974166330511
327e2548b3442deb616790f2bb913dd8113f0278
6bce5ef6133f16dc096ded4443f6a03d5ef1beadfbad7ae2ffe1e1ada036b742

HTTP Headers

GET /wp-content/themes/born-to-give/assets/css/line-icons.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-length: 1530
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0

50.87.147.174

200 OK

28 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
28 kB (27599 bytes)
Hash
3bcb66babe48ef567184fa9b9b3c8f18
b70c2384c382dfcb9ab4dcfa7550e2593eb030db
d3721134ff0cdb2df314e756f2ef93903d13d35b39702977158d07dbf58094d9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/css/bootstrap.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15385
Expires: Wed, 18 Jan 2023 09:51:40 GMT
Date: Wed, 18 Jan 2023 05:35:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7871 bytes)
Hash
8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zGNahizGhnMhpQxlxsexepYOI7y_40It8BrZjAd041J8Ws-jBYL0Ng==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:12 GMT
age: 27363
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13848 bytes)
Hash
8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 27330
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8889 bytes)
Hash
816accd72419764cabc1d038af58446c
ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08
d0b6f144ddc797108e6e85b4e835bfbeadd138ef7987661ee9e3d22790db254f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8efa7cc-44c0-4841-af38-b9d070233ba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8889
x-amzn-requestid: 10583804-866b-41bc-a99b-6209bd7ae1c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1eHMCoAMF4kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ef-2351e46019a0918724721b89;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vPjapwQ2XBhjwPeNVzi3NQ0YSMyseKuyavdCo2CTFoxrRkiKXVu7lw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:08 GMT
age: 27247
etag: "ad835d9c9a783175d3c5d1a32f1e34baf0ed2f08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11028 bytes)
Hash
402bdd90bc2557de4f317d4d0ec892ed
b205b0bb74fabcf1612f22db53c197b63ae4ce0c
2fa402a38832c3efe15d5fee9116b36aeea5a0012ba4e8d6477b4fa9a0368598

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11028
x-amzn-requestid: 2b2b0030-a54b-42d1-a680-69e23c4320bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AteE7uIAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-5abf38ea140446ec294cdf6c;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 36gRhJPc8ASKV6h7W1qvKx-fca-KbtnNDFJqmumSHU38JBpoDdtL3Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 07:15:23 GMT
age: 80392
etag: "b205b0bb74fabcf1612f22db53c197b63ae4ce0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13094 bytes)
Hash
611a72259b116192667411e884b90843
ee43d356cb1fa30ece3e8c6c0c5d21827017199a
1a6b9636c4417c8e5976b13451cebd7fda585a607f1ef97d25fc0ee9e752f707

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8574104d-a2ec-4c79-98a7-63d8deaf9a02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13094
x-amzn-requestid: c51667e3-4c74-4c43-93bb-5dff7d684fb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K84EquoAMFR2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-012b4ee95ae813250c703b51;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XgoT6J4DRRw5NtW5DcvadI9YUL4kqOKO0P8MqUhpcigaqtSTAuevUw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:19:53 GMT
age: 4522
etag: "ee43d356cb1fa30ece3e8c6c0c5d21827017199a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7361 bytes)
Hash
26fa7bd40b5c3a3b5a6f95e7fca843b9
d8064f74f1e40bf6be4ea8ab4e319db22026c462
3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7361
x-amzn-requestid: 54e3621a-ec24-4d56-85bf-84239fa7811e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e23ZvGtnIAMFivg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5d2a4-7ce0e7924c03aeaa3ea684c3;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 22:41:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hamm4_4ud3QWXK2EeTcYUSN7ot6m-d-1z_NN29tSFYP25Itmz25jaA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 14:16:01 GMT
age: 55154
etag: "d8064f74f1e40bf6be4ea8ab4e319db22026c462"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2

50.87.147.174

409 Conflict

83 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2

50.87.147.174

409 Conflict

83 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Playfair%20Display%7CDosis%7CPlayfair%20Display&subset=&display=swap

142.250.74.106

200 OK

641 B

URL HTTP/2
fonts.googleapis.com/css?family=Playfair%20Display%7CDosis%7CPlayfair%20Display&subset=&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
641 B (641 bytes)
Hash
b4f9237f8733dba55f78fe704afd7282
dd182a9af82cc1917dbb9d58116480434245b353
07c95cba26d0f87e4c447850cceb0b393731332281d76e1823216edba2f574b2

HTTP Headers

GET /css?family=Playfair%20Display%7CDosis%7CPlayfair%20Display&subset=&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Jan 2023 05:35:14 GMT
date: Wed, 18 Jan 2023 05:35:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give-child/style.css?ver=1.0

50.87.147.174

200 OK

195 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give-child/style.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
195 B (195 bytes)
Hash
552e25d355afc04d6c15e8f233e0a6a0
5dde284e197bb43921667e7a6ffeaa6380af7680
23542ff2bc9a5ebf1427ae796a1dcadda47eec3d2c4ec197bf5fd6b3cf4066b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give-child/style.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:25:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 195
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5

50.87.147.174

200 OK

809 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1767)
Size
809 B (809 bytes)
Hash
ddaad342f9e2eee77981b63a40bb0177
1663707ebe4701d1ea6a6c6f481b97d8a7739041
4e2973da84e67ede9013a65ec506ad21397de4b214a1d99425ecc15318107ce5

HTTP Headers

GET /wp-content/plugins/charitable/assets/js/charitable-session.min.js?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 809
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0

50.87.147.174

200 OK

2.4 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
2.4 kB (2384 bytes)
Hash
feb307ddb142f715794fe79017ddc432
3b3f234b5784f5374021bb3861add18400bd5b72
b7fefe6a4416c0bd4449e93f7c194d7e61e72f2873cd298ebff37ffc19f111e3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/magnific/magnific-popup.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 2384
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0

50.87.147.174

200 OK

3.8 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (460)
Size
3.8 kB (3809 bytes)
Hash
4947de46614af682d0c033db2a5a99f3
a8caacbaccf3e8057c4ba5c6817b5312df192aa8
d5a1d94d423d0fac2493c55e7fddee7221c0cdb543220352eba296e52285049c

HTTP Headers

GET /wp-content/themes/born-to-give/assets/css/animations.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3809
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0

50.87.147.174

200 OK

6.9 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (14502)
Size
6.9 kB (6873 bytes)
Hash
c6d9394fda425876c2328599c4411498
e72dd420c3f060f5b359a59e5dee3d2fa37e3fbf
e711f49f904d37cf2166237f7b535018ce2ee79a61acf371f59c70bf844eb8e4

HTTP Headers

GET /wp-content/themes/born-to-give/assets/js/modernizr.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 6873
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-F8TV2PV5PB&gtm=2oe1a1&_p=839823893&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-F8TV2PV5PB&gtm=2oe1a1&_p=839823893&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-F8TV2PV5PB&gtm=2oe1a1&_p=839823893&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.wholenesstofreedom.org
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.wholenesstofreedom.org
date: Wed, 18 Jan 2023 05:35:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe1a1&_p=839823893&gdid=dZGIzZG&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe1a1&_p=839823893&gdid=dZGIzZG&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GJFR4WCEMT&gtm=2oe1a1&_p=839823893&gdid=dZGIzZG&cid=1403485501.1674020115&ul=en-us&sr=1280x1024&_s=1&sid=1674020115&sct=1&seg=0&dl=https%3A%2F%2Fwww.wholenesstofreedom.org%2F&dt=Home%20-%20Wholeness%20to%20Freedom%20%7C%20Ministries&en=page_view&_fv=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.wholenesstofreedom.org
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.wholenesstofreedom.org
date: Wed, 18 Jan 2023 05:35:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0

50.87.147.174

200 OK

12 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
12 kB (12213 bytes)
Hash
97c7e9944fabdd9356d5a8f97cf9fee6
043c0486ddd9e50d93e0411ba9624039bec3fbb6
5dfcea994f4e4bbbfa93154e79f1111598d13050e373f26ede698609859beb79

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/flexslider/js/jquery.flexslider.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 12213
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4

50.87.147.174

200 OK

903 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1651)
Size
903 B (903 bytes)
Hash
f0c8671e4f3b2742c7a17b919ee39b0d
efeb582ee4b04e4e05dec4dec12e1f7c47bb64a2
282698b2ec434d540848216bc9a81bb34612e1bd42ee9aa3dbaee3275b48b2c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/charitable/assets/js/libraries/js-cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 903
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0

50.87.147.174

200 OK

1.1 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.1 kB (1117 bytes)
Hash
7a8b69b7dfa49ad3f740515b6cbe1f16
4a0f6c5e76cb1ee3b5f6c276da57109f5043a5a4
92509d4b59b6982d554a8138162b2006c6dc9ec4d7705efd11bdd33ae76b6b28

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.theme.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1117
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0

50.87.147.174

200 OK

1.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.2 kB (1177 bytes)
Hash
25b9ec27ff5db19efb7682330af1a06f
cf751465f430660c195912e6c689e7aad157b928
0e121f11f00a40e3289647897f1f1fce7e410e7a5f68a2976c219cd6cf8b11ab

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/css/owl.carousel.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1177
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0

50.87.147.174

200 OK

895 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
895 B (895 bytes)
Hash
8cd8b81d8e9d1a80a608489b5bab6148
17db7eded8d75f71285c50c67cb2855ad9fb4ebc
74dd44b1c6bcae4f130320295415770afbbd4e3dacf290a9b0730f1c5bf20ef4

HTTP Headers

GET /wp-content/themes/born-to-give/assets/js/calender_events.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 895
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0

50.87.147.174

200 OK

2.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1783)
Size
2.2 kB (2235 bytes)
Hash
437b343ed450c31030712423a3b61f0f
1968a5250f06a291674d301d631fb1bb3f62c501
fb4f5bc0eeb9b8223faecab1df270f50ecf904b891f4215898caf9b46fb43e45

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/colors/color1.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 2235
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1

50.87.147.174

200 OK

3.9 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1577)
Size
3.9 kB (3861 bytes)
Hash
0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.12.1 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 13 Jan 2023 00:34:11 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3861
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7

50.87.147.174

200 OK

577 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1679)
Size
577 B (577 bytes)
Hash
9f59ed6d66849581d12406a767dfe600
c4af7451d9ad02982e6e9cd45f8265d1d9dcfdb6
47e6bfbe2bfd68f65ef568ae8bbf2c8555ed6f035a1b65156310006688b243f2

HTTP Headers

GET /wp-content/plugins/charitable-recurring/assets/js/charitable-recurring.min.js?ver=1.1.7 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:31 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 577
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0

50.87.147.174

200 OK

4.8 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (51719)
Size
4.8 kB (4776 bytes)
Hash
bbb73736be32eb084dfece7d92f79b8b
edfda1062d1abe6f9762c3cfa658586aa363554e
eabef9d2d86c3d7204a06468e84e036e6772af3ed222ab0bebb4a224baf1ede8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/animate-css/animate.min.css?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 4776
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0

50.87.147.174

200 OK

6.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (27285)
Size
6.2 kB (6243 bytes)
Hash
dc1824da32acde493a99791cb0659e6c
c88eb5b8490f97dd5d420b9a0525cae7ddf81175
262b48ab99c53c79f039f8245bfefdd7f9416d39b97d0a488f4da8ca8654008f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 6243
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0

50.87.147.174

200 OK

7.5 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
troff or preprocessor input, ASCII text
Size
7.5 kB (7542 bytes)
Hash
c2566da65169bd967f821f5d93b8a406
935c2ab3c43a3238e9f519d679aa2e809c81d99a
425e47f47e354398dd5f59ceebb72461688926a590cc68af7bde16ce7a63f904

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 7542
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp

50.87.147.174

200 OK

9.3 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
9.3 kB (9262 bytes)
Hash
efcd20e20b6f0870628a30513b22cf14
3974a9212ca714e1147b97abd4d03167f0012f7e
0586ae89290e8b96402ca804152e58884f9a8c7ef79f4a8f5409dfb17ffeb2f5

HTTP Headers

GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery-migrate/jquery-migrate-1.4.1-wp.js?ver=1.4.1-wp HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 9262
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0

50.87.147.174

200 OK

14 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32049)
Size
14 kB (13577 bytes)
Hash
5ba997f51189a0203209b7122ad09565
282e88d72a4357c15583de30eb3ab3a5bb162333
ba4c228290b11b1557d7df611adf91a6a49011ebc1ea22d4bfd8a38bf86cfa6a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/lib/moment.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 13577
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0

50.87.147.174

200 OK

1.9 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.9 kB (1924 bytes)
Hash
40f78c8db330c0707d762ffdc3e816ff
9ba2b477193b526c6bca70c16b5a6a749abe2549
645ef77a105ce52691d8080e9692102ef05f3b967f93a831c00893dbb4b205e5

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/gcal.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1924
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31

50.87.147.174

200 OK

17 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
17 kB (16784 bytes)
Hash
175f82f86674b33fb2ebaf60de1a37c4
8aff200288093da132221fcd07dc2f53cef40eb4
af1495051b20f939690c74e7ec86a2398c8953e9cb449196a63c34dbc247281a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.31 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 16784
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5

50.87.147.174

200 OK

1.3 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (3019)
Size
1.3 kB (1346 bytes)
Hash
f0875ec95951fca622c31c22219a5b04
3d2d64cbc7e9a5eadebd36659ad470d04bd6ae09
1dbab3aeca7018530cc6a8a6ccd1c401598f395828ddf85037190e181636a880

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/charitable/assets/js/libraries/accounting.min.js?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 1346
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/footer-logo-e1591827897264.png

50.87.147.174

200 OK

5.0 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/footer-logo-e1591827897264.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 427 x 60, 8-bit colormap, non-interlaced\012- data
Size
5.0 kB (4984 bytes)
Hash
cfc16b418c97957ec0fb6d58622b598b
b35499474c81749a0033ed656d486742c1e80237
75ef11a072b3649e7f4902b02b8bf8bbd5239149594be86fbdd830fa656a6cda

HTTP Headers

GET /wp-content/uploads/2020/06/footer-logo-e1591827897264.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:34:22 GMT
accept-ranges: bytes
content-length: 4984
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg

50.87.147.174

200 OK

37 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x192, components 3\012- data
Size
37 kB (36679 bytes)
Hash
bc9fadfbce47b41c3de272acea70001f
93b058f701113d2661ed28c1bba27ea9d15f63f3
95488a4525fc07935ce83bed7866ddfc0369904ed89fbbd6b8b28d6ef334b4a2

HTTP Headers

GET /wp-content/uploads/2022/03/CAMPUS-RENOVATION-WOMENS-TRANSFORMATION.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Fri, 11 Mar 2022 02:57:04 GMT
accept-ranges: bytes
content-length: 36679
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5

50.87.147.174

200 OK

3.7 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11046), with no line terminators
Size
3.7 kB (3658 bytes)
Hash
7354ac582d0abf70cb3040a5e71f61ea
519a413e7a995c8f993d31e00417706e68a746c9
f8c8a7db6bbc14588ab38fcb19928ed0463bb2dceb3440b16b58ceae5d0d69d2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/charitable/assets/js/charitable.min.js?ver=1.7.0.5 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 30 Nov 2022 23:58:13 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3658
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0

50.87.147.174

200 OK

3.3 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (8853)
Size
3.3 kB (3306 bytes)
Hash
5e64f5fd6495dfc1fc6e4e09633ce3c6
f25ab01843b551a17392b49e62de0ee55b3b42b2
9a1fa9a504e2329245fe415f0ac5642579a9a745c854f6e9a1ff6cd01f5b604a

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/vc_waypoints/vc-waypoints.min.js?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 3306
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

216.58.207.227

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Size
20 kB (19860 bytes)
Hash
a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47

HTTP Headers

GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.wholenesstofreedom.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:34:17 GMT
expires: Wed, 17 Jan 2024 15:34:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
age: 50459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d547e6cc07ecb62b49cfb14f223d3b87
7f316e0778cf7e132cf376b92d1f9860e06894f5
4ceb4872fc5aa21ce6cdba296ce83f68d1b46836df05886eb76e0607358ba42c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png

50.87.147.174

200 OK

8.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 317 x 73, 8-bit colormap, non-interlaced\012- data
Size
8.2 kB (8194 bytes)
Hash
9d2c9cf2594b42f0dd681d41de6f05fa
f808330a44b3c6155a56618a3a6feee73169094a
0a332dd335478654ace336353b7faeb7c2ab95d4b7caa164a757b3c4aa209eec

HTTP Headers

GET /wp-content/uploads/2020/06/wtf-logo-green-2-e1591733707559.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:41:34 GMT
accept-ranges: bytes
content-length: 8194
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-2.jpg

50.87.147.174

200 OK

9.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-2.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Size
9.2 kB (9237 bytes)
Hash
122772576929877a1e303482d4f77f49
3b13f1af32580e9e79c053a141be80aafa1f3812
1be76afe4f9ee8ec44b00101836c95154736d58f1a760169bd9eba27baf366a5

HTTP Headers

GET /wp-content/uploads/2020/06/content-box-2.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 9237
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-5.jpg

50.87.147.174

200 OK

11 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-5.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Size
11 kB (10926 bytes)
Hash
d95dfc4d5c13c7adf503ecbf19674a3f
caae1108fc0a26c6a9e0cf917345f8a7f0e724ff
03f6bbf1642223f38e76d2c553b65a59491e0b81fc6e17da037f40d780c82297

HTTP Headers

GET /wp-content/uploads/2020/06/content-box-5.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 10926
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0

50.87.147.174

200 OK

4.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
4.2 kB (4246 bytes)
Hash
51af100a0b61740b796a3cc873ff93ba
12c4a5168e6559dbbe04a6e0189badfd9945399c
6711b890da64b05da0d077dda9b213f75c74ce5c270507c6987ceaa839f59385

HTTP Headers

GET /wp-content/themes/born-to-give/assets/js/circle-progress.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 4246
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0

50.87.147.174

200 OK

6.4 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (12478)
Size
6.4 kB (6378 bytes)
Hash
30cd63f56380f5c6d763d4c9d5c9c134
37c8d1ba553f8d6734138a940373e5d8696b6717
a66de079905c68e6d31151cf9d304a310a1652846cac219781f7abb98e4e465d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 6378
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-1.jpg

50.87.147.174

200 OK

14 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-1.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Size
14 kB (13855 bytes)
Hash
754c8f903c5cefaeeb61f66f75293937
3526c2db941da0d4010cc99ba65ced076e25cd34
35a14ceb04bb46b28d042765d9906ed32115b71bb9e88e5cbd70467144aef9cd

HTTP Headers

GET /wp-content/uploads/2020/06/content-box-1.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 13855
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-4.jpg

50.87.147.174

200 OK

20 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-4.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 360x270, components 3\012- data
Size
20 kB (19796 bytes)
Hash
9276523abea9242110d453415e089d70
4b2213ce0a4e38013227eb09e7ae44eee3e2ade6
2d410ceb2f84455efaf751a4e0b486781130ad45f4be77d31af64fbdd6830ede

HTTP Headers

GET /wp-content/uploads/2020/06/content-box-4.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:40:16 GMT
accept-ranges: bytes
content-length: 19796
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0

50.87.147.174

200 OK

7.2 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (20096)
Size
7.2 kB (7183 bytes)
Hash
0d6847600aac71ee1e060272e8795d90
efcad83a912cd1d9fc5ccb901169769ad268e378
8c105b6acc26cfa2d4cf910c10044bd1e39fec92333adc9fc43681ede25ce103

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 7183
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0

50.87.147.174

200 OK

7.8 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/init.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
7.8 kB (7814 bytes)
Hash
5623e38a4742a3e22236ed68a8229e81
1c4a2274b118b6f15f7d490418d5c4bba157b2ba
c5c220be7c09ba533f23d9495092921473c481bd810467439a0a26cb92b62368

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/js/init.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 7814
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0

50.87.147.174

200 OK

9.6 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (21014)
Size
9.6 kB (9589 bytes)
Hash
006ebdd6b49adaffd1cb172bb699ba1b
34b1c1356f74b47f38ba4de7596693142c1794c5
82dcb093f13742e059bc47bebfdba4f9cbb517525731b9d7b782ea16947677f8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/magnific/jquery.magnific-popup.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 9589
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-3.jpg

50.87.147.174

200 OK

32 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-3.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Size
32 kB (31804 bytes)
Hash
6aa73ff061256221395b65f2074545e8
9e5430b2d040f6eefe1f9e540d794a95074a701d
1be0f52573e432fd6112acb8cdcd92e64b7227b73be5b799cb906d67191f535f

HTTP Headers

GET /wp-content/uploads/2020/06/content-box-3.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 31804
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0

50.87.147.174

200 OK

11 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
11 kB (11181 bytes)
Hash
a2aad3189aa3aaadb193d61c2b3a1f5e
fff7618c10068982d0dfe332e4fce693119cb492
53ff99d05aaf7df988c73687c8406a8c31ba491657d0ebba925e547630c0492b

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/owl-carousel/js/owl.carousel.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 11181
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-6.jpg

50.87.147.174

200 OK

41 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/content-box-6.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Resized on https://ezgif.com/resize", baseline, precision 8, 360x270, components 3\012- data
Size
41 kB (40577 bytes)
Hash
232218ff3c5f443155dbf5bc044b3aa1
5a98ab7e3fcb6dd4b81978b42143413e1446737a
a00b84b6aed78b1b5d54a78b79dace69115f88d6424ae7fe371fa242a1498de6

HTTP Headers

GET /wp-content/uploads/2020/06/content-box-6.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 40577
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0

50.87.147.174

200 OK

14 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32033)
Size
14 kB (14394 bytes)
Hash
ad7339964f395566ac9d75903d96b9de
ea5756ab8d399418e0f862a8ff1249df3f77790f
3adfc0a685bd6eee9638948b1085d3db733c75caff8409b7582e356671588491

HTTP Headers

GET /wp-content/themes/born-to-give/assets/js/bootstrap.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-length: 14394
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/tagline-2-e1591803536501.png

50.87.147.174

200 OK

63 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/tagline-2-e1591803536501.png
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 768 x 323, 8-bit colormap, non-interlaced\012- data
Size
63 kB (63257 bytes)
Hash
0b88c7fd30b1c2d501234e4cc6e8080b
5a4f044fe41f97c4856b433d512af8a12d8ca78e
a6de47191a6b2fb4f82b2750f1251d7c8cd1ba9e21bb6c0a287208adea85a54d

HTTP Headers

GET /wp-content/uploads/2020/06/tagline-2-e1591803536501.png HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:41:04 GMT
accept-ranges: bytes
content-length: 63257
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/images/loader.gif

50.87.147.174

200 OK

604 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/images/loader.gif
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 16 x 16\012- data
Size
604 B (604 bytes)
Hash
54dafab72c7ad4425d572a3eb4b8a050
4f39e547ca948ed0e515d46f76e3304d42c17846
88295ba8ceae926052e37403b4613b76ce6e5626393937f55ddc63ed015ca46d

HTTP Headers

GET /wp-content/themes/born-to-give/assets/images/loader.gif HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
content-length: 604
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/gif
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0

50.87.147.174

200 OK

2.0 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
troff or preprocessor input, ASCII text
Size
2.0 kB (1960 bytes)
Hash
82303cc8f20f18963755d4393d0d664c
1981ae3a7c47cb4832dfac867f5697dcc4fedf67
a7a91692f223398e340268102da47345d5b0bf15841151510121c10bd229c4ac

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.print.css?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:16 GMT
content-encoding: gzip
content-length: 1960
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2

50.87.147.174

409 Conflict

83 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/clock-icon.png?id=2581

50.87.147.174

200 OK

2.0 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/clock-icon.png?id=2581
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 700 x 225, 4-bit colormap, non-interlaced\012- data
Size
2.0 kB (1993 bytes)
Hash
169a7b7f35665c1000c654b9fa7e5f65
30d4290372f472ffcc6a3e326322e44a9c0cf384
e125fed0bf281a5a81a6bc4876ca75c8ca928650173bf173201a885e582d54e8

HTTP Headers

GET /wp-content/uploads/2020/06/clock-icon.png?id=2581 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:38:30 GMT
accept-ranges: bytes
content-length: 1993
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/project-3.png?id=2578

50.87.147.174

200 OK

2.8 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/project-3.png?id=2578
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 500 x 225, 8-bit colormap, non-interlaced\012- data
Size
2.8 kB (2751 bytes)
Hash
a02d14f0acbfe55a2a59114f886958fe
6b6b60afaa3b6e5a5fa49bb767781e6f710c6a88
1ce162cd69a42078083d88d77b35139496df3436c875325a4bd64ac5bb90cfab

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2020/06/project-3.png?id=2578 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:39:10 GMT
accept-ranges: bytes
content-length: 2751
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/hand-icon-2.png?id=2580

50.87.147.174

200 OK

2.7 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/hand-icon-2.png?id=2580
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 700 x 225, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2651 bytes)
Hash
ab7185a5cca91f87641c4051317281e7
d2bd18ec9edcee1d9a5e50776204b4f2ac2e843c
decb4a85e68583477b05bc5675ba1f0f373c27e8167c9eb97e555bfd15e61228

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2020/06/hand-icon-2.png?id=2580 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:38:50 GMT
accept-ranges: bytes
content-length: 2651
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/png
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/fonts/fontawesome-webfont.woff2?v=4.5.0

50.87.147.174

200 OK

67 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/css/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/css/font-awesome.css?ver=1.0
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
content-length: 66624
cache-control: max-age=10368000
expires: Thu, 18 May 2023 05:35:16 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2

50.87.147.174

409 Conflict

83 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Wed, 18 Jan 2023 05:35:17 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg

50.87.147.174

200 OK

149 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 2048x1367, components 3\012- data
Size
149 kB (149315 bytes)
Hash
6ab64ac8723b271ef860c24b7e20b0d8
15f9deb8f67b3604e72fef95946ee9434e453cdd
bfc159e78ace8204116de568f9a811859d04f23f5f8df35d74143be440819002

HTTP Headers

GET /wp-content/uploads/2019/08/ben-white-ReEqHw2GyeI-unsplash.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 04:17:03 GMT
accept-ranges: bytes
content-length: 149315
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:15 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

151.101.192.176

200 OK

122 B

URL HTTP/2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP
151.101.192.176:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
122 B (122 bytes)
Hash
0fb49bf445ceac1dcb1b6c5d284a57a1
8988f3ceef20a494a419e595e8d802a0dc663c7a
5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8

HTTP Headers

GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Jan 2023 05:35:19 GMT
via: 1.1 varnish
age: 5650194
x-request-id: 210174a0-0701-468d-b1b5-3e626d0c6937
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 21636
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2

js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

151.101.192.176

200 OK

332 B

URL HTTP/2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP
151.101.192.176:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (526)
Size
332 B (332 bytes)
Hash
ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a

HTTP Headers

GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Jan 2023 05:35:19 GMT
via: 1.1 varnish
age: 5650194
x-request-id: 200ba760-4a78-40a2-bd44-6cdaa06cae08
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 18447
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2

m.stripe.network/inner.html

54.230.111.59

200 OK

930 B

URL HTTP/2
m.stripe.network/inner.html
IP
54.230.111.59:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Size
930 B (930 bytes)
Hash
fc2e029628f163bb59adc6fa5a31161c
0f4547ae510d1bf36e3630d41bdab29d64c03d64
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

HTTP Headers

GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Wed, 18 Jan 2023 05:33:11 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8UjUL9qMzGGRMQCuSuwY89NjFRx4bJYAIyao6ghSQmMkNmciWFCh3w==
age: 138
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:19 GMT
Last-Modified: Wed, 18 Jan 2023 03:49:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

m.stripe.network/out-4.5.42.js

54.230.111.59

200 OK

18 kB

URL HTTP/2
m.stripe.network/out-4.5.42.js
IP
54.230.111.59:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
18 kB (17768 bytes)
Hash
ecee18d496ca8f879677bef3bb76b6c0
9ff9edb6ea7e528a79d80c3bb38071e8dd6cf7e7
065f4e22eb3bdb619e1f234e714894ee6aef5a16f4e6f11305c4a81de159448b

HTTP Headers

GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
date: Wed, 18 Jan 2023 05:30:42 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mX3lrm51e-g9wFVbNQ7uz5MMk16wGyeTuwaDBi_aRc23AGIxxstyXw==
age: 279
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:19 GMT
Last-Modified: Wed, 18 Jan 2023 03:49:30 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
07931783d8a6b1253cc763eb5b6caead
f8c95a271abc4613dd3890569d3b8bbc804626e8
fdbbb489e88cd83d33a37b8cb32a6b45bf22d0e612d3ddfd3daa32e0fc100af2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4332
Cache-Control: max-age=149508
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 05:35:20 GMT
Etag: "63c71931-1d7"
Expires: Thu, 19 Jan 2023 23:07:08 GMT
Last-Modified: Tue, 17 Jan 2023 21:54:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0

50.87.147.174

200 OK

120 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32065)
Size
120 kB (119841 bytes)
Hash
517b1c7f4c104975d2d1eb50d7dc3d7b
2dea0298db477398a4da7a9dbde1d3a5bd29b085
4f0c80a3c756595bb985d15831e8a7c0bf8ff9f823c298a6dd4218d055ec91c0

HTTP Headers

GET /wp-content/themes/born-to-give/assets/vendor/fullcalendar/fullcalendar.min.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

m.stripe.com/6

54.149.171.250

200 OK

156 B

URL HTTP/2
m.stripe.com/6
IP
54.149.171.250:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
156 B (156 bytes)
Hash
7f6b9e431e584dd58c80f19e5c3f0d6b
deb612bc8c17876b31e0bd663111d729c0d46799
096af9e207c9ffa968d898c919d0df9ecc14e720ca893c494b769a8f56fecd12

HTTP Headers

POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2320
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 05:35:20 GMT
content-length: 156
set-cookie: m=f20e82b0-9668-41ee-8603-795ce01f306d766a6a;Expires=Fri, 17-Jan-2025 05:35:20 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-bg-intended-route-color: green
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561

50.87.147.174

200 OK

285 kB

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2048x1365, components 3\012- data
Size
285 kB (284573 bytes)
Hash
1da36ae1f1f553480954cad42fa3a915
8ea96d0369481f3ecdbb396f28230957d2703d0f
b0ab25683b22d4e203408732f467e7f868cee58208ba8abd2855c29007f5642c

HTTP Headers

GET /wp-content/uploads/2020/06/green-bg-nature-scaled.jpg?id=2561 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:39:26 GMT
accept-ranges: bytes
content-length: 284573
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 16 Nov 2022 00:02:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled-e1591933425593.jpg

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled-e1591933425593.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/06/wtf-image-scaled-e1591933425593.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 03:33:11 GMT
accept-ranges: bytes
content-length: 352159
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:19 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:19 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/06/wtf-image-scaled.jpg?id=2618 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 21:51:24 GMT
accept-ranges: bytes
content-length: 1092367
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:16 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:16 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/js/helper-plugins.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/uploads/2019/06/Home-Page-Slider-1.jpg

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/uploads/2019/06/Home-Page-Slider-1.jpg
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2019/06/Home-Page-Slider-1.jpg HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Cookie: _ga_F8TV2PV5PB=GS1.1.1674020115.1.0.1674020115.0.0.0; _ga=GA1.1.1403485501.1674020115; _ga_GJFR4WCEMT=GS1.1.1674020115.1.0.1674020115.0.0.0; charitable_session=282bd2e8274a51a09a032e5742d6c2a3||86400||82800
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 24 Nov 2021 04:34:09 GMT
accept-ranges: bytes
content-length: 287362
cache-control: max-age=10368000, public
expires: Thu, 18 May 2023 05:35:19 GMT
content-type: image/jpeg
date: Wed, 18 Jan 2023 05:35:19 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/assets/js/ui-plugins.js?ver=1.0 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.31 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 13:22:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Wed, 19 Oct 2022 02:46:29 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:15 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 18 Jan 2023 05:35:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8

50.87.147.174

200 OK

0 B

URL HTTP/2
www.wholenesstofreedom.org/wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8
IP
50.87.147.174:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/born-to-give/style.css?ver=81582bdb254a94e4464424087c6479a8 HTTP/1.1
Host: www.wholenesstofreedom.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wholenesstofreedom.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Thu, 20 Oct 2022 23:44:55 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Thu, 18 Jan 2024 05:35:14 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Wed, 18 Jan 2023 05:35:14 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (49)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML