r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10221
Expires: Wed, 07 Sep 2022 18:30:56 GMT
Date: Wed, 07 Sep 2022 15:40:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 15:04:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cLTKvqmEoT4CQEnShMhVvt8j1NYCrm15cV8MY7719U18_e6I1Yv8FA==
Age: 2154
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0SO1G-vvlqxtU7kEfcMNFm9az8_JP2zg0TA3a-Dfj3EnSUQhdpvMiw==
age: 42841
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
137.63.144.2301 Moved Permanently 286 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
IP 137.63.144.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 730358d312ddbf5dabdf40f55f0e9e97
bf3b223666385f151bf12eb5795698de82f01a0d
938906f6bb8949e51c07d28655521064dcf2442c5ef843e283ff934d0c5a3347
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/suavizar/login/mkbnetbankar/login.php HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 15:40:35 GMT
Server: Apache
Location: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Content-Length: 286
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 15:40:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 07 Sep 2022 15:38:18 GMT
Cache-Control: max-age=3600
Expires: Wed, 07 Sep 2022 16:04:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LxxDGHE9Huwp2GQG9chkjj1H-o5-oV4CulRyXuDcLN1TgtrsW9Q2Wg==
Age: 137
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3290
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:35 GMT
Last-Modified: Wed, 07 Sep 2022 14:45:45 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 466cab9103b5a134a1bd8159ec827301
880e84f373241a99e8670c506b334c28f91d3777
823cb5d20d68d6c20686a0876c536f9b8a38a55ee66ac347d3ed37c88997ed3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "823CB5D20D68D6C20686A0876C536F9B8A38A55EE66AC347D3ED37C88997ED3B"
Last-Modified: Tue, 06 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Wed, 07 Sep 2022 21:39:39 GMT
Date: Wed, 07 Sep 2022 15:40:35 GMT
Connection: keep-alive
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bB4uQrzB7jlSTX/iTwB4kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qmg4rnLhxftLnHZ4uh27xrK4XMc=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11023
Expires: Wed, 07 Sep 2022 18:44:20 GMT
Date: Wed, 07 Sep 2022 15:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11023
Expires: Wed, 07 Sep 2022 18:44:20 GMT
Date: Wed, 07 Sep 2022 15:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11023
Expires: Wed, 07 Sep 2022 18:44:20 GMT
Date: Wed, 07 Sep 2022 15:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11023
Expires: Wed, 07 Sep 2022 18:44:20 GMT
Date: Wed, 07 Sep 2022 15:40:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:57:13 GMT
age: 63804
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq26FI7oAMFpOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:33 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 64264
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 62765
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq64HbCIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:04 GMT
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
age: 64713
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:12:06 GMT
age: 37711
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 0054ce27-72f6-4161-90d0-eeb20d9c9537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqcrEczIAMFqlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdea-0c3e511533c91b783a458f2b;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q4n9f959aCshN6qgQ2LWVSUTmSd4hvjWyF2GNdsR1_asVSdFKxXsqw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:08 GMT
age: 64769
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900
IP 142.250.74.10:0
Hash b443f158babc7eef37c8422f4b060018
4ad700447aceadd887879447a2e70f478a4b94fc
3db7254fe230087e7f1360ae2a5d48bd1702d64b51429957b52997f78a812f27
GET /css?family=Roboto%3A700%2C%2C400%2C900%7CBarlow%3A700%2C400%2C900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 15:40:39 GMT
date: Wed, 07 Sep 2022 15:40:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
137.63.144.2404 Not Found 42 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
IP 137.63.144.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1911), with CRLF, LF line terminators
Hash 6c3939c9f53898a6fdd5a38e080857df
581b763d8e4fc2a834da600694da11d317c010b2
3ec0eb1a25ccc3922e2ca4a34d56f447e38740d6ae0e124e526c4315f8a63174
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/suavizar/login/mkbnetbankar/login.php HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Wed, 07 Sep 2022 15:40:35 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91; path=/
Pragma: no-cache
Link: <https://rif.mak.ac.ug/wp-json/>; rel="https://api.w.org/"
X-TEC-API-VERSION: v1
X-TEC-API-ROOT: https://rif.mak.ac.ug/wp-json/tribe/events/v1/
X-TEC-API-ORIGIN: https://rif.mak.ac.ug
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-F041G50W6C
142.250.74.72200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-F041G50W6C
IP 142.250.74.72:0
File type ASCII text, with very long lines (15517)
Hash e7b50b6380e46e13a2cbabb23d44082f
7e559c1a4e6fa3c533277ee7d2f826219d7db292
ae193208fd5c709eb340eb2099f6840bf002ba7335ab1df02f47925d0851f536
GET /gtag/js?id=G-F041G50W6C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Sep 2022 15:40:40 GMT
expires: Wed, 07 Sep 2022 15:40:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73920
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8
137.63.144.2200 OK 16 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash c6efcd93a4cca2bebf58de385f65ca80
172f3dcd8fe44ed28d77c9996f376f998c85dd38
b1c9554ecb00cdeff91028b6df899fe66a69b51c6001a95133a07558b37495da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/accesspress-social-counter/css/frontend.css?ver=1.8.8 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 08:48:05 GMT
ETag: "3d13-5a0cca5057d87"
Accept-Ranges: bytes
Content-Length: 15635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1
137.63.144.2200 OK 1.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (1634), with no line terminators
Hash 5f209d26ccda9892a1fa030b3062a59d
7d6522a7107d3e8d60e37740f2f91844be48689b
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:09:00 GMT
ETag: "662-5b5779816e0ae"
Accept-Ranges: bytes
Content-Length: 1634
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2
137.63.144.2200 OK 1.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1939), with no line terminators
Hash 80145dc9e4908a34d14ca5a87d33c6d7
45524ba47da72574c224ed819104e4ce251b3cd6
45f461bf78813a1ee5c3a025b6b9bf83f9c78da98390f7208826dbd64573ec10
GET /wp-includes/css/dist/block-library/theme.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "793-59cb3e43e5aab"
Accept-Ranges: bytes
Content-Length: 1939
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2
137.63.144.2200 OK 5.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1146), with CRLF line terminators
Hash 8d517df24eb8309c995b98404b5845f6
7f63d83fc86dc430e7c30026a313d1ca6b53ae4c
11df23d06c2fdaab8008791b75abea58621728637c7c4b00cb9d1117584400df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "15ca-5d54dff31d0a6"
Accept-Ranges: bytes
Content-Length: 5578
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1
137.63.144.2200 OK 27 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (26843), with no line terminators
Hash 243eb3ecefba8d3f5e9bcc9ba2e2d743
39a83a22e3ebac8ca17e414e6f069ddc442a07d3
7c6d3da39b43a0322a762fd047157070ae066272f31a9863b39152bfb102b273
GET /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:09:00 GMT
ETag: "68db-5b5779816dcc6"
Accept-Ranges: bytes
Content-Length: 26843
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
137.63.144.2200 OK 1.7 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7
IP 137.63.144.2:0
Hash 8983e25a91f5c9981fb973bdbe189d33
30cd5e3a1f0cd121cfd1893b3c078b89ecba3f9c
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Fri, 20 Mar 2020 07:25:05 GMT
ETag: "6d2-5a1442f35e87b"
Accept-Ranges: bytes
Content-Length: 1746
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
137.63.144.2200 OK 42 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (41467), with no line terminators
Hash 9eeddc51b0b4a2580a959042d50f826e
e42006973f24baf82c96ee3ae594eedfa1719f82
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "a1fb-59cb3e43e5aab"
Accept-Ranges: bytes
Content-Length: 41467
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2
137.63.144.2200 OK 8.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2
IP 137.63.144.2:0
Hash 6e22824fb51ac8dc8b33ec0bc75f3412
42eed8ac9886accf13d99d616356e3d0bc681fc4
5f893bb95c126000ea6836ce2b92c4fd43a17bc62ca32a6f3f77f8f67584503a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/registrations-for-the-events-calendar/css/rtec-styles.css?ver=2.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:06:04 GMT
ETag: "2150-5b5778d93cf39"
Accept-Ranges: bytes
Content-Length: 8528
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2
137.63.144.2200 OK 19 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2
IP 137.63.144.2:0
Hash 03566d33926ecd53e5a06232492fe13c
692019f870d23884d9868f8038326fc46403a5d9
df67f156612b6329078b52d0d790bba08e7885b7320bc8d9a0fa80f5670adc47
GET /wp-content/plugins/wp-ultimate-review/assets/public/css/content-page.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 15:44:50 GMT
ETag: "4b89-5a06de2371e21"
Accept-Ranges: bytes
Content-Length: 19337
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8
137.63.144.2200 OK 46 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8
IP 137.63.144.2:0
File type ASCII text, with very long lines (317)
Hash c33e55a3e79984d24f3309545701cb1b
f86033f1ec21a3b20803a290318a9e7c4caa1de4
df583a3e1a03dd7122c020eea80b2747d9553e4161c22bfe112ff406f9e9b7dc
GET /wp-content/plugins/accesspress-social-counter/css/fontawesome-all.css?ver=1.8.8 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 08:48:05 GMT
ETag: "b425-5a0cca5057d87"
Accept-Ranges: bytes
Content-Length: 46117
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
137.63.144.2200 OK 5.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/tablepress/css/default.min.css?ver=1.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (5871), with no line terminators
Hash 17a42baaae8926c5f8df316b9a3db617
4cd76dc34f8e2f31952b99db1b3b29f404d2996c
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 16:02:05 GMT
ETag: "16ef-5a06e1fe6c3eb"
Accept-Ranges: bytes
Content-Length: 5871
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
137.63.144.2200 OK 118 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (117772 bytes)
Hash 57d175c50adce0f293d975f4e2771f8f
fae18070c3edfb714081edcec6e33ac4e5e90503
851c7de0c776256e8ef9e62ebb510c4ac1ef9f7fc78dcc014c77bbea83786743
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "1cc0c-5b57784b63954"
Accept-Ranges: bytes
Content-Length: 117772
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
137.63.144.2200 OK 31 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:02:28 GMT
ETag: "7917-5b57780b3fbbc"
Accept-Ranges: bytes
Content-Length: 30999
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/css/dashicons.min.css?ver=5.3.2
137.63.144.2200 OK 48 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/css/dashicons.min.css?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (47523)
Hash c8956481e00463f838b45364f45756df
256d7293ac07bb9b43a9757ba11057cad148818c
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
GET /wp-includes/css/dashicons.min.css?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "b9c6-59cb3e43e5e93"
Accept-Ranges: bytes
Content-Length: 47558
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/animate.css?ver=1662565236
137.63.144.2200 OK 24 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/animate.css?ver=1662565236
IP 137.63.144.2:0
Hash ef07eb63e3d54fcef0fe398abf4fdace
acbaa5775aa754ec7d4feca4eab63e1f587ce715
c4c6695d2db9b640a6ece790b2961c3157cc740662e9337869c5a26e5487feca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/animate.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "5d28-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 23848
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1662565236
137.63.144.2200 OK 8.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1662565236
IP 137.63.144.2:0
Hash fdd21658e6611d0a656a3be8cb66054c
922d4fe7f98aa4d30e7212b73e1f2c94cface4b0
a726e517a12addb48c0030f9e595a0a6412050ce1673d43bba7709a45aa8a8aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/magnific-popup.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "2167-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 8551
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1662565236
137.63.144.2200 OK 17 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/icon-font.css?ver=1662565236
IP 137.63.144.2:0
Hash 83275cd4aeaa3131bf07a012983efb76
a9e19cb375bd0a0bf118796bfbc4f0441c5d802a
de00e784dae37086c9269b2fdd7204bff5d41ef3040328ace9a38f616b593dde
GET /wp-content/themes/digiqole/assets/css/icon-font.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "416c-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 16748
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3
137.63.144.2200 OK 251 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3
IP 137.63.144.2:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 251 kB (251187 bytes)
Hash a2694a0bd894090949de0b952b47d4f9
ae22b3651974712e76ea65582b97a144d029dda1
f7088fa78690fe80377c0954b92635912868e876d1b6098d6b31f0d6ae2a95cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/material-design-for-contact-form-7/assets/css/cf7-material-design.css?ver=2.6.3 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:40 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "3d533-5b57787118842"
Accept-Ranges: bytes
Content-Length: 251187
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1662565236
137.63.144.2200 OK 2.9 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (2846)
Hash de0dfbabe627afa1b718d848b6b58e97
73d8a692734089983b00005d99ef8e5e5b0dadeb
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/owl.carousel.min.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "b78-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 2936
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1662565236
137.63.144.2200 OK 1.0 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (846)
Hash 594b81805a98b267e47c70a8fad30d9f
684d84ec40b305ca14efc88c91f12972cb6342b4
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
GET /wp-content/themes/digiqole/assets/css/owl.theme.default.min.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "3f5-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 1013
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1662565236
137.63.144.2200 OK 54 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1662565236
IP 137.63.144.2:0
Hash 77d0c92e92f34d1257252fd4be039116
29875998aba85af131a8fecc10ded5ac1d69f609
5879a94b1b727b7ede08cffd69d13d79c663e7de221027d75b64832c9bf0d5c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/jquery.mCustomScrollbar.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "d14f-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 53583
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1662565236
137.63.144.2200 OK 6.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1662565236
IP 137.63.144.2:0
Hash 77a86369cb3f1547c0f4eb96f5ffa4cc
6cac11684a73a837b4c66de0d12723644fb4b84d
5f443d62bda0cf802312ae87b617a0b46447b35ac770e7d0df866e1196d462b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/woocommerce.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "1937-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 6455
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/blog.css?ver=1662565236
137.63.144.2200 OK 20 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/blog.css?ver=1662565236
IP 137.63.144.2:0
Hash efdc8ce96b5ff7cc0ae2cb3b49970acf
dfeebb7b08548c3531a9d7867d4d971b6af8dc68
c3422004ce1285d7b6237041a8f9be028ccda40f4c681e2e360797dbeba94ba1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/blog.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4f67-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 20327
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
137.63.144.2200 OK 14 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (10942)
Hash b2bdc6d8dfd107ed138f042d71ad4be2
c0efe12b5d5aecfed04bf625e41dbf7a64008d3c
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "362a-59cb3e43e2bcb"
Accept-Ranges: bytes
Content-Length: 13866
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1662565236
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (432)
Hash d940186729052f99506538117967bb64
1bb339abea3b2d8de3735c7c5a603a24b1e5c598
ecb47cf8d19149540a5b5593aad4a46199051ab5f307c5c23bde277dfe55d5b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/gutenberg-custom.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "6d9c-59cb3e43c2441"
Accept-Ranges: bytes
Content-Length: 28060
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with very long lines (28035), with no line terminators
Hash 5bf41e8704f9c1e250182eb6f8ff8212
c716565c820ecb6593f387554ed285c973654870
34d36ff0aafe4dd8d250a7d1d67bac7e5c7f4f28aa3c8db91d0ec0e649eb9dac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "6d83-5b57784b73355"
Accept-Ranges: bytes
Content-Length: 28035
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
137.63.144.2200 OK 10 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 137.63.144.2:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "2748-59cb3e43e433b"
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/master.css?ver=1662565236
137.63.144.2200 OK 169 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/master.css?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (504)
Size 169 kB (169405 bytes)
Hash 00837687097a8deddd4dc8552e4e1f3c
6407a74d5d60d97ae75633b4862bb3c53ab64722
551f80eefa1d10922a57c6997ab2f97904c1b7478be225da944c44b54602d64e
GET /wp-content/themes/digiqole/assets/css/master.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "295bd-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 169405
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2
137.63.144.2200 OK 43 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash d91f3cef00a21c1f34e9ec59d0e57283
76a0273ba69ca7a499a0578f0d63eba8e7aabb5d
abbff281326efaaf147ef1fd2ad7bdf23c69073fb7e826b9c41cac1ebd27332e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/accordions/assets/frontend/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:01:36 GMT
ETag: "2b-5b5777d94faa0"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
137.63.144.2200 OK 97 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 137.63.144.2:0
File type ASCII text, with very long lines (31997)
Hash 49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "17a69-59cb3e43e433b"
Accept-Ranges: bytes
Content-Length: 96873
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2
137.63.144.2200 OK 1.8 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2
IP 137.63.144.2:0
Hash 953aef0cf9ee8fb1f07d304f3cf4c0dd
60d2fec7b069a73b2f34a78662eb7165400c95a3
2931bc0b780acd6d3cd2fc6cea2492ee55703ccc3bc0b8f866d0c371e5f4bd2e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-ultimate-review/assets/public/script/content-page.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Mon, 09 Mar 2020 15:44:50 GMT
ETag: "6f3-5a06de2372209"
Accept-Ranges: bytes
Content-Length: 1779
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
137.63.144.2200 OK 14 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7
IP 137.63.144.2:0
Hash 1534f06aa2b1b721a45372f8238e2461
86f7e7b926e1a88209d171b56dadbccc2c96f578
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Fri, 20 Mar 2020 07:25:05 GMT
ETag: "3868-5a1442f35f04b"
Accept-Ranges: bytes
Content-Length: 14440
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2
137.63.144.2200 OK 6.4 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (6226)
Hash c0c5e34bbe8095cb5173dc77ae2e36a8
3091570090d44faf045deaa1a91d27d13803e0e5
a64f1976c04df67406f792945f8171c91a44498eeb6b06239b22b1c416370437
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/codedropz-uploader-min.js?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "1918-5d54dff31d48e"
Accept-Ranges: bytes
Content-Length: 6424
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2
137.63.144.2200 OK 2.5 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2
IP 137.63.144.2:0
File type ASCII text, with CRLF line terminators
Hash f9341a7fadb42d823e89288af1efce90
e57b4060013e9d5bc1f98670b99208ea48c8a289
db71ca026f0fe23da093b81b732f0fe9062bacaa90fde9dce5bef7f1e7e03c15
GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/js/dnd-upload-cf7.js?ver=1.3.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Tue, 11 Jan 2022 12:57:34 GMT
ETag: "9b5-5d54dff31d48e"
Accept-Ranges: bytes
Content-Length: 2485
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0
137.63.144.2200 OK 3.6 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0
IP 137.63.144.2:0
File type ASCII text, with very long lines (3504)
Hash bd5ce81bfb5b4f3e2ac487ac65f4daf8
514dc1ea30ea9e4b84a55a689ba1f2c0fa7335c3
280df42702ec950d12b698c40b45c507fc362089f53eb8376d3152dc1d5898dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/material-design-for-contact-form-7/assets/js/lib/autosize.min.js?ver=1.0 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "dfa-5b577871197e2"
Accept-Ranges: bytes
Content-Length: 3578
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10
137.63.144.2200 OK 38 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10
IP 137.63.144.2:0
File type ASCII text, with no line terminators
Hash ee9d2c70ab0a5f44eb2df422198a07b9
abc45613f773509b869e78a42a817d9e09da8bce
25bf40064888964eb06e0980211b378b28d210737786e3d10546da7013398899
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:42 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "26-5b57784b60a74"
Accept-Ranges: bytes
Content-Length: 38
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Roboto:400,500
142.250.74.10200 OK 50 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500
IP 142.250.74.10:0
Hash 8cdeca57366b5abb6487680dce5958bd
385ff94a6a2c0fca7e6925184c7e22e09dc2346e
a503b56dd9a7b12f2ab2c2a074423cf6d5435d8818e191c20c6ae0f28d15e9bf
GET /css?family=Roboto:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 15:40:40 GMT
date: Wed, 07 Sep 2022 15:40:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/popper.min.js?ver=1662565236
137.63.144.2200 OK 19 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/popper.min.js?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (19063)
Hash aad2475f1e2615224fa9716b53954be2
4f08d328c845410583e0a05c8d5a5bc61c23db47
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/popper.min.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4b24-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 19236
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1662565236
142.250.74.10200 OK 143 kB URL HTTP/2 fonts.googleapis.com/css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1662565236
IP 142.250.74.10:0
Size 143 kB (143090 bytes)
Hash 85bc9cf09175d5b180fab6710d786973
f488db27d4bf97ac1211d46b081622373a20227e
4cf29340bf2d49f3946cee2ab17731007c21655cf5d32afc3f7ea2066f308d73
GET /css?family=Barlow%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i&ver=1662565236 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 15:40:40 GMT
date: Wed, 07 Sep 2022 15:40:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1662565236
137.63.144.2200 OK 20 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (20087)
Hash ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/jquery.magnific-popup.min.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "4ef8-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 20216
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1662565236
137.63.144.2200 OK 964 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (964), with no line terminators
Hash 51abc4b947baae5e46545f0f0ada7eb4
348f8638545bf38e9f319652939bb0c9280d4501
94a8d6d2593de2028174575095e9fdf58a65aecbb4257c021bf11bb882e0254e
GET /wp-content/themes/digiqole/assets/js/jquery.appear.min.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "3c4-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 964
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1662565236
137.63.144.2200 OK 93 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1662565236
IP 137.63.144.2:0
File type Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash 334f1f87a34c59a498b7d7b74d00a07d
2f04614e11ab6310cd5fbda2df7db42d9e564bbb
0609b067a8f4e38b77182421989b698879141956338daa5c1968c11f87559deb
GET /wp-content/themes/digiqole/assets/js/raphael.min.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:42 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "16bf0-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 93168
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10
137.63.144.2200 OK 344 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10
IP 137.63.144.2:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 344 kB (343805 bytes)
Hash dac31169b5d033b049af2d107c81f0f6
68dde13066c786c6085c5377320d9988c6dd6947
256777f442a1ac7caba081909e82012367031079583494f2c82fae1f972991b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.10 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "53efd-5b57784b73355"
Accept-Ranges: bytes
Content-Length: 343805
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1662565236
137.63.144.2200 OK 43 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (32000)
Hash b7b9c97cd68ec336d01a79d5be48c58d
1a99890b57c9859a622337ed0b2f989d6e30cc0e
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/owl.carousel.min.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "a70e-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 42766
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1662565236
137.63.144.2200 OK 45 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (32011)
Hash 7d039583fef369577e9161d12c8c6ba2
15430bc876026d813c21e03a7a72ab4d6dcfe31a
c81b01b32b51fc61a3818d12e051effc099374c7436ff0146ed76fe1d0bbfa09
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/jquery.mCustomScrollbar.concat.min.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "ae4d-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 44621
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1662565236
137.63.144.2200 OK 4.0 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (3765)
Hash eac43429f465cc28ab77b033b7e0686e
add547d05e8c9ce8d3ddab731a133421416bb30b
f73f452b5961dbe04bffdc40586dc8c689e172c2dcbfa90353d92acb7a08c444
GET /wp-content/themes/digiqole/assets/js/jquery.easypiechart.min.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "f96-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 3990
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1662565236
137.63.144.2200 OK 145 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1662565236
IP 137.63.144.2:0
File type ASCII text, with very long lines (65325)
Size 145 kB (144877 bytes)
Hash 450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/css/bootstrap.min.css?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "235ed-59cb3e43c2059"
Accept-Ranges: bytes
Content-Length: 144877
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/script.js?ver=1662565236
137.63.144.2200 OK 13 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/themes/digiqole/assets/js/script.js?ver=1662565236
IP 137.63.144.2:0
Hash c846202915c15c3542cd337a3428cbae
6c449485eda989e1c572b778ffd2c55357b604be
4f0e911454dbb139072c660bb5cd6dcfaf745c6f1c8607a8144d7a6fee1c1218
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/digiqole/assets/js/script.js?ver=1662565236 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "317f-59cb3e43c0501"
Accept-Ranges: bytes
Content-Length: 12671
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2
137.63.144.2200 OK 28 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2
IP 137.63.144.2:0
Hash 54b2ba4e65cd4cfa7569a75fdd68f71d
a40d4940a2296a0f95f97705a0b9b5e3cfe5136d
ecb16ea1a740d524b507e3fc75e14556877ec2d3886b2f8e0b2ec9704b3fc36b
GET /wp-content/plugins/registrations-for-the-events-calendar/js/rtec-scripts.js?ver=2.6.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:42 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:06:04 GMT
ETag: "6e15-5b5778d93e6a9"
Accept-Ranges: bytes
Content-Length: 28181
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-includes/js/wp-embed.min.js?ver=5.3.2
137.63.144.2200 OK 1.4 kB URL HTTP/1.1 rif.mak.ac.ug/wp-includes/js/wp-embed.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (1399), with no line terminators
Hash 04133d37cfd0f08267530b905a5ffff3
6eb207e57c92ee341f57998cb191e5c9dc4fc738
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
GET /wp-includes/js/wp-embed.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 05:35:25 GMT
ETag: "577-59cb3e43e3b6b"
Accept-Ranges: bytes
Content-Length: 1399
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 590795
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
date: Wed, 07 Sep 2022 15:40:43 GMT
expires: Thu, 07 Sep 2023 15:40:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Hash c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rif.mak.ac.ug
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:36:55 GMT
expires: Wed, 06 Sep 2023 22:36:55 GMT
cache-control: public, max-age=31536000
age: 61428
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rif.mak.ac.ug/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5
137.63.144.2200 OK 6.8 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5
IP 137.63.144.2:0
File type ASCII text, with very long lines (6727)
Hash 0f00149954d5420af7b22c1fa979a663
68f65a314a8f3e40945bd2fde054e74ab3f3d649
e42d4d1224ddfc10b3953543711bdbfa58ca8beb3732a5456c1bfc1e4687dc16
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.7.5 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Sat, 14 Mar 2020 13:47:50 GMT
ETag: "1a6e-5a0d0d4f601c3"
Accept-Ranges: bytes
Content-Length: 6766
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2
137.63.144.2200 OK 37 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2
IP 137.63.144.2:0
File type ASCII text, with very long lines (37054), with no line terminators
Hash 0cfbff3b001f601bec2937518e73a321
24d39cb83535eca8899993996c2e65dd0316135e
af51d2ee1c2757427220da779db814760be6fb92590b01436c2b46c706116469
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/goodshare.min.js?ver=5.3.2 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:03:35 GMT
ETag: "90be-5b57784b7567d"
Accept-Ranges: bytes
Content-Length: 37054
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
rif.mak.ac.ug/wp-content/uploads/2022/03/logo-rif-makerere-1.png
137.63.144.2200 OK 45 kB URL HTTP/1.1 rif.mak.ac.ug/wp-content/uploads/2022/03/logo-rif-makerere-1.png
IP 137.63.144.2:0
File type PNG image data, 270 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash 80ac4e75144ec5b43650861f73db0bee
ab827fd76a30dd56c25b23f5e1b4f1466efe216a
f18384b4b9869024693db67e9ec4698bb1f1ea6c4a28fe36e85817ddf43f9ee7
GET /wp-content/uploads/2022/03/logo-rif-makerere-1.png HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:43 GMT
Server: Apache
Last-Modified: Tue, 29 Mar 2022 11:21:31 GMT
ETag: "ae93-5db59a182fc1d"
Accept-Ranges: bytes
Content-Length: 44691
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 15:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3
137.63.144.2200 OK 0 B URL HTTP/1.1 rif.mak.ac.ug/wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3
IP 137.63.144.2:0
GET /wp-content/plugins/material-design-for-contact-form-7/assets/js/cf7-material-design-bundle.js?ver=2.6.3 HTTP/1.1
Host: rif.mak.ac.ug
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rif.mak.ac.ug/wp-content/plugins/suavizar/login/mkbnetbankar/login.php
Cookie: PHPSESSID=nuudukiedkmlcdq5nqa7grku91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 15:40:41 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 09:04:15 GMT
ETag: "887e0-5b57787119bca"
Accept-Ranges: bytes
Content-Length: 559072
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript