r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12847
Expires: Mon, 07 Nov 2022 05:44:55 GMT
Date: Mon, 07 Nov 2022 02:10:48 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3283
Cache-Control: max-age=119697
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:49 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:25:46 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10695
Expires: Mon, 07 Nov 2022 05:09:04 GMT
Date: Mon, 07 Nov 2022 02:10:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h5CFnJRa677G2/WQ9qicolsnXu4q1HHMFgN4jhCuj1jkZ4sBuNUfMaR7lWHaRe7xP4T1EBC8BEA=
x-amz-request-id: W9TFPTG3JEFG3WZN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 07 Nov 2022 02:10:41 GMT
age: 8
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 02:10:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
129.232.146.42 301 Moved Permanently 20 B URL HTTP/1.1 plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
IP 129.232.146.42:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php HTTP/1.1
Host: plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 07 Nov 2022 02:10:49 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Content-Encoding: gzip
Vary: Accept-Encoding
Location: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6345
Cache-Control: max-age=117706
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:49 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:52:35 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
129.232.146.42 404 Not Found 8.4 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
IP 129.232.146.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash fa31fcc115818c181c0e89dd68143459
c83616b7e779bbb3e07b6b294cca7807615a95d7
9a65f45b0dbb63807770a5eb6b1db0a237996d10d0e08118ad788cb4a9d375a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Mon, 07 Nov 2022 02:10:49 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.plussizewomensa.co.za/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z0cOCwUZ/XxwfpSymLmItg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: u7Gc39PiwurKGyl5oHIyJElLm+s=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.plussizewomensa.co.za/wp-content/plugins/wp-blog-post-layouts/includes/assets/css/build.css?ver=1.1.1
129.232.146.42 200 OK 10 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-blog-post-layouts/includes/assets/css/build.css?ver=1.1.1
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash 89235f00447de2f2ccdb832681329fa4
e2a140411de802335a987743e1c83552d7e23478
bb074470335c51ce340226d0cd210450874e73fe2ab2ea1577f97cda61018742
GET /wp-content/plugins/wp-blog-post-layouts/includes/assets/css/build.css?ver=1.1.1 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Fri, 25 Mar 2022 00:09:41 GMT
Accept-Ranges: bytes
Content-Length: 10417
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick.css?ver=1.8.0
129.232.146.42 200 OK 1.9 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick.css?ver=1.8.0
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash b06073c5a23326dcc332b78d42c7290c
64e6c5ff99f14c65752e0322234160f8e83fc6c2
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick.css?ver=1.8.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Sat, 16 Apr 2022 00:01:07 GMT
Accept-Ranges: bytes
Content-Length: 1895
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick-theme.css?ver=1.8.0
129.232.146.42 200 OK 3.3 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick-theme.css?ver=1.8.0
IP 129.232.146.42:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 6871ac955afccdaed362066d02944c08
cb8c9b34cd41a591db5368b2d45548c5e4692985
fdd9cbba3bf008781e612f203bbe8674b395685abc0691fcc03a571aeb140d29
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/css/slick-theme.css?ver=1.8.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Sat, 16 Apr 2022 00:01:07 GMT
Accept-Ranges: bytes
Content-Length: 3347
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/css/build.css?ver=1.0.8
129.232.146.42 200 OK 43 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/css/build.css?ver=1.0.8
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash 4d778128cb6551971688e37cf7f514f8
260e3d822c3448725cf090734be08ec10b7b6763
817dcbe2aa92a904d48ef231f3391ae34c65427c74cfd4678fafcfb63608ee54
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-magazine-modules-lite/includes/assets/css/build.css?ver=1.0.8 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Sat, 16 Apr 2022 00:01:11 GMT
Accept-Ranges: bytes
Content-Length: 43136
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
129.232.146.42 200 OK 89 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 129.232.146.42:0
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Tue, 02 Aug 2022 06:47:31 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/lightslider/css/lightslider.min.css?ver=1.1.6
129.232.146.42 200 OK 5.5 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/lightslider/css/lightslider.min.css?ver=1.1.6
IP 129.232.146.42:0
File type ASCII text, with very long lines (5449), with CRLF line terminators
Hash 06ccfca7808db5080d7c3a1f1c549e3f
c6e531e4bcbc7777d16c0763e9cf922f81990b40
5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/news-portal/assets/library/lightslider/css/lightslider.min.css?ver=1.1.6 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 13:02:34 GMT
Accept-Ranges: bytes
Content-Length: 5536
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
129.232.146.42 200 OK 31 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 129.232.146.42:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Thu, 27 Jun 2019 09:54:54 GMT
Accept-Ranges: bytes
Content-Length: 30999
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/css/np-responsive.css?ver=1.3.2
129.232.146.42 200 OK 9.3 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/css/np-responsive.css?ver=1.3.2
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash 28dc05ce548e6847c7199778b07d6cbb
d2d5adae9239f360d7207c1c90220be39643ca9f
bf6aaa53ea17568c5f17a3b7bfe041de14b65821fff0c5e0a3f01372f9ebe4ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/news-portal/assets/css/np-responsive.css?ver=1.3.2 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Mon, 25 Jan 2021 14:49:36 GMT
Accept-Ranges: bytes
Content-Length: 9314
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/plugins/wp-blog-post-layouts/includes/assets/fontawesome/css/all.min.css?ver=5.12.1
129.232.146.42 200 OK 57 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-blog-post-layouts/includes/assets/fontawesome/css/all.min.css?ver=5.12.1
IP 129.232.146.42:0
File type ASCII text, with very long lines (57147)
Hash 2a0e11a7655cf7af50d9152727c134ef
136e6626dc83d228b50416249fe05864ab065e40
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-blog-post-layouts/includes/assets/fontawesome/css/all.min.css?ver=5.12.1 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Fri, 25 Mar 2022 00:09:41 GMT
Accept-Ranges: bytes
Content-Length: 57333
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
129.232.146.42 200 OK 90 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 129.232.146.42:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 15:48:31 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
129.232.146.42 200 OK 11 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 129.232.146.42:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 15:48:31 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-includes/js/imagesloaded.min.js?ver=4.1.4
129.232.146.42 200 OK 5.6 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 129.232.146.42:0
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 15:48:31 GMT
Accept-Ranges: bytes
Content-Length: 5629
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-includes/js/masonry.min.js?ver=4.2.2
129.232.146.42 200 OK 24 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/masonry.min.js?ver=4.2.2
IP 129.232.146.42:0
File type ASCII text, with very long lines (23966)
Hash 3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 30 Nov 2021 15:48:31 GMT
Accept-Ranges: bytes
Content-Length: 24138
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/plugins/wp-blog-post-layouts/includes/assets/js/frontend.js?ver=1.1.1
129.232.146.42 200 OK 786 B URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-blog-post-layouts/includes/assets/js/frontend.js?ver=1.1.1
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash 6811b8c35571b3bdeb4cb860803f2ef7
334647220511ba1a2fafd7977bc252f04f0f340d
eb861e3c0220c94296bbdeb8deb876054e90e7d60dd27b7b8eb04be54d94b5d8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-blog-post-layouts/includes/assets/js/frontend.js?ver=1.1.1 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Fri, 25 Mar 2022 00:09:41 GMT
Accept-Ranges: bytes
Content-Length: 786
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/themes/news-portal/style.css?ver=1.3.2
129.232.146.42 200 OK 62 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/style.css?ver=1.3.2
IP 129.232.146.42:0
File type ASCII text, with very long lines (720), with CRLF line terminators
Hash f1690e46722c33b39d6ace215ce17c4b
67f0ea498d1363e87acb847e16a5dd17935848c3
87e4a8e61078f583d84429cb84b915a0ae5eb711f75f977544a0bb75ed213c42
GET /wp-content/themes/news-portal/style.css?ver=1.3.2 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:50 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 08:14:36 GMT
Accept-Ranges: bytes
Content-Length: 62098
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/js/frontend.js?ver=1.0.8
129.232.146.42 200 OK 7.3 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/js/frontend.js?ver=1.0.8
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash d40206cce7583155ac6fc617e051a315
986d599a75c840dd567a5b5ef58dedf9d58f3808
04a8bde8aeb87047442e029f58cfefa6d7361144fa414fde3b4a92a0b092abb6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-magazine-modules-lite/includes/assets/js/frontend.js?ver=1.0.8 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Sat, 16 Apr 2022 00:01:11 GMT
Accept-Ranges: bytes
Content-Length: 7322
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13727
Expires: Mon, 07 Nov 2022 05:59:38 GMT
Date: Mon, 07 Nov 2022 02:10:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdff3860-eced-4251-b1d8-7417addfbe09.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdff3860-eced-4251-b1d8-7417addfbe09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dbaafe8423c84a7ce91d3e24666d297
ea5b8e1067c47ee223c4de98b56e2c803ff5dbf7
df1db80b4d217d185e2f7e6ecf50c2547feec104411fe121c3303dd49bd26f03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdff3860-eced-4251-b1d8-7417addfbe09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5374
x-amzn-requestid: f8819162-8a09-4395-95d7-076df001e087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKLdPF6qoAMFxrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636725ee-4b17f70f54752c1f27b042df;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 03:11:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Po-Bq5lCVpmIHi6SLoyjaVJOF15jLff4OxxOeqYKDKXsd8SSehQXSQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:39:54 GMT
age: 81057
etag: "ea5b8e1067c47ee223c4de98b56e2c803ff5dbf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13727
Expires: Mon, 07 Nov 2022 05:59:38 GMT
Date: Mon, 07 Nov 2022 02:10:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ef544a0-c6ca-407f-9267-0d760303f311.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ef544a0-c6ca-407f-9267-0d760303f311.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d09300bebcacbd170aa8f6393d1b43f0
18b3df299b9f22f9cfda5e7b38a89c551cef1c6b
231bccdfaab237920fa122e71d45a62713792f9e02503e4eba0fcf72dd2f323a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ef544a0-c6ca-407f-9267-0d760303f311.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9066
x-amzn-requestid: 84bc4739-ecab-4480-a653-8c6fc3653ab9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMtVSF5loAMFl7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636828ee-67bb1f4f589c4a025c76b37c;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ohXv4tJBQBEHC1h07uRzBecix6BsOWgEDqdBlXjBA40oo7dOItfebA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:39:11 GMT
age: 16300
etag: "18b3df299b9f22f9cfda5e7b38a89c551cef1c6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13727
Expires: Mon, 07 Nov 2022 05:59:38 GMT
Date: Mon, 07 Nov 2022 02:10:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08fced45-2207-4622-ad9c-c2ab54f27b2a.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08fced45-2207-4622-ad9c-c2ab54f27b2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c405a2c2821da31e4000a3badb64d60
4ae120aa65e23ea40cf9f3dc25c5c3c0aba24db9
c192840e892b171fe60c7688b3e6388433d4fcc8a0a1f54699a361373da64d37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08fced45-2207-4622-ad9c-c2ab54f27b2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7460
x-amzn-requestid: 031771ee-eab5-41f8-80de-5281dded85bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMtUrE79IAMF3vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636828ea-58109a273d57d22c7149dbf2;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LS98d51I0ItMw5BmilaSOJUX9OiJluTdfx3x5iuRnYNJ_xaD5Bz8dg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:39:11 GMT
age: 16300
etag: "4ae120aa65e23ea40cf9f3dc25c5c3c0aba24db9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13727
Expires: Mon, 07 Nov 2022 05:59:38 GMT
Date: Mon, 07 Nov 2022 02:10:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 70972
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13727
Expires: Mon, 07 Nov 2022 05:59:38 GMT
Date: Mon, 07 Nov 2022 02:10:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a5e060b41bd5313b1cf828c1d5ecbcc
e63e4bee84953491236a8261ef07b5a4743fa891
e8750b0156ed980f11682d92f5c60ce2783518b37f156e74340617a74d826813
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13224
x-amzn-requestid: d6c8a626-313d-4add-9467-eb946a38262a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a9iPHEkgoAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362172d-1be7a03a1b288dec56281915;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 07:07:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: R2vHbrKm_n2kWK3bG4htWAIqi1YNjNjaX8LG5AWWHPlKnaWi6JAGzA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 15:14:16 GMT
age: 39395
etag: "e63e4bee84953491236a8261ef07b5a4743fa891"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefee2ae9-d184-46f8-a533-ea273a91af2e.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefee2ae9-d184-46f8-a533-ea273a91af2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e77fbdbce177ac614b2927102fc12829
a2bed4ca0144a095081328d8764425a1db201cd6
4883c9adc382eae7b7caf635c27b1ef5710764a419f38187ed67e1b48e14a8b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefee2ae9-d184-46f8-a533-ea273a91af2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10259
x-amzn-requestid: ae2a64bf-cd9f-4ff7-a983-0bb2878b6875
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMtUsHtPIAMFcFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636828ea-09168b3147e89dd82c1dac43;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: unEiI90qfLjOa-EK2vuA-bQkOP83y7hW9Xaqh8r6jLJdWAfz18CQEQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:39:11 GMT
age: 16300
etag: "a2bed4ca0144a095081328d8764425a1db201cd6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/jQuery.Marquee/jquery.marquee.min.js?ver=1.0.0
129.232.146.42 200 OK 9.1 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/jQuery.Marquee/jquery.marquee.min.js?ver=1.0.0
IP 129.232.146.42:0
File type ASCII text, with very long lines (1219), with CRLF line terminators
Hash dc86bf044375a27156d9f42772de3e02
98cc2719daacdd6d85ab3a8a4d097b2450bc6420
f7ec795d6ca0df8d0083c41b1a57aed9a3500897442639a0c24999a749eed08a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/jQuery.Marquee/jquery.marquee.min.js?ver=1.0.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Sat, 16 Apr 2022 00:01:11 GMT
Accept-Ranges: bytes
Content-Length: 9091
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/js/navigation.js?ver=1.3.2
129.232.146.42 200 OK 3.1 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/js/navigation.js?ver=1.3.2
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash d8d8a1edf98d742670be4e1416432bc8
68ff5288dab07e7854ed6de4e93ac70aca2aa871
b8f76f98505a3d8a161055f180c9f0302ffe29f66037aff8f1c3f600d17b5bb7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/news-portal/assets/js/navigation.js?ver=1.3.2 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 13:02:34 GMT
Accept-Ranges: bytes
Content-Length: 3085
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/sticky/jquery.sticky.js?ver=20150416
129.232.146.42 200 OK 7.4 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/sticky/jquery.sticky.js?ver=20150416
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash df5375f96ba10f79b785b111f6281931
66d903c92952cbef54d3ba47ffd5590fac7be68d
43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/news-portal/assets/library/sticky/jquery.sticky.js?ver=20150416 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 13:02:34 GMT
Accept-Ranges: bytes
Content-Length: 7389
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.99 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.plussizewomensa.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 14:07:32 GMT
expires: Thu, 02 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 388999
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.plussizewomensa.co.za/wp-content/uploads/2022/01/cropped-Screenshot_143.png
129.232.146.42 200 OK 1.4 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/uploads/2022/01/cropped-Screenshot_143.png
IP 129.232.146.42:0
File type PNG image data, 238 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 29d273d4b2822ec15f6320c2f6c322d8
90a0783f25e53c4ebf93b1e86407003e96d3183d
03b780db7c5c729f391660169db161b4b16f55f4a3be0f75dd456c7c9c1e634b
GET /wp-content/uploads/2022/01/cropped-Screenshot_143.png HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Sun, 30 Jan 2022 10:37:33 GMT
Accept-Ranges: bytes
Content-Length: 1390
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/js/skip-link-focus-fix.js?ver=1.3.2
129.232.146.42 200 OK 714 B URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/js/skip-link-focus-fix.js?ver=1.3.2
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash 961e5e9a667a0344a28587fc4aea0f98
261c7321d7eb81194fbab3f734ab92ab517099fd
ee30de0a826081966aa58bd563d92e80a28a2af7415ad440889ddc1c0a3b5ef5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/news-portal/assets/js/skip-link-focus-fix.js?ver=1.3.2 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 13:02:34 GMT
Accept-Ranges: bytes
Content-Length: 714
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/lightslider/js/lightslider.min.js?ver=1.1.6
129.232.146.42 200 OK 16 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/lightslider/js/lightslider.min.js?ver=1.1.6
IP 129.232.146.42:0
File type ASCII text, with very long lines (15891), with CRLF line terminators
Hash c38b071b6014a39d369dbbc7af2b663e
6623fc1ded87f5cae0c636954d452c3461ae2430
5f86fbe6f9cda69add588670bf8a9781f83e7ed2fe7b1b07c4172fa6eb080bc9
GET /wp-content/themes/news-portal/assets/library/lightslider/js/lightslider.min.js?ver=1.1.6 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 13:02:34 GMT
Accept-Ranges: bytes
Content-Length: 16026
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/js/slick.min.js?ver=1.8.0
129.232.146.42 200 OK 43 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/js/slick.min.js?ver=1.8.0
IP 129.232.146.42:0
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash 777da4aaf5b960636dec0fd4e50ba489
9a94038ccae90e6d2a0f9cb61f79ae7c70320287
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
GET /wp-content/plugins/wp-magazine-modules-lite/includes/assets/library/slick-slider/js/slick.min.js?ver=1.8.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Sat, 16 Apr 2022 00:01:07 GMT
Accept-Ranges: bytes
Content-Length: 42864
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.plussizewomensa.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 369403
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.99 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.plussizewomensa.co.za
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 369403
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 02:10:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.plussizewomensa.co.za/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
129.232.146.42 200 OK 12 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 129.232.146.42:0
File type ASCII text, with very long lines (11760)
Hash 1d376be55e51aea00d432f6659d3e0d1
cc5b9f6fa12d0a90b38d3d6e918401c9ad26332b
34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 02 Aug 2022 06:47:26 GMT
Accept-Ranges: bytes
Content-Length: 11937
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
129.232.146.42 200 OK 21 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 129.232.146.42:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 02 Aug 2022 06:47:26 GMT
Accept-Ranges: bytes
Content-Length: 20715
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/sticky/theia-sticky-sidebar.min.js?ver=1.7.0
129.232.146.42 200 OK 5.4 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/library/sticky/theia-sticky-sidebar.min.js?ver=1.7.0
IP 129.232.146.42:0
File type HTML document, ASCII text, with very long lines (5370), with CRLF line terminators
Hash 9b7664fe260d1a57a13ca71507b43499
d07064a9d012bae3f256adfa7d021c40793c962c
fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/news-portal/assets/library/sticky/theia-sticky-sidebar.min.js?ver=1.7.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Sun, 19 Sep 2021 04:41:10 GMT
Accept-Ranges: bytes
Content-Length: 5431
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/js/np-custom-scripts.js?ver=1.3.2
129.232.146.42 200 OK 7.2 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/js/np-custom-scripts.js?ver=1.3.2
IP 129.232.146.42:0
File type ASCII text, with CRLF line terminators
Hash 6e82ac1cece9c4b8f5959da33b92d1ee
80e7220afc31a5b002c4224f254a9bcfc4d861fd
633c4d068a2439e7892410fade3e249dc130ff7b7147830640e350044fd5e3b8
GET /wp-content/themes/news-portal/assets/js/np-custom-scripts.js?ver=1.3.2 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Thu, 24 Feb 2022 15:05:24 GMT
Accept-Ranges: bytes
Content-Length: 7246
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
129.232.146.42 200 OK 19 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 129.232.146.42:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-includes/js/jquery/ui/x0x/v2/a242e7d2aa83ba9/failed_login.php
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 02 Aug 2022 06:47:26 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/images/menu-shadow.png
129.232.146.42 200 OK 6.9 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/themes/news-portal/assets/images/menu-shadow.png
IP 129.232.146.42:0
File type PNG image data, 960 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash e8364c76f14f944c406c5749fab6c4c7
355d01afb0afbafec668a9f598bbd019c5915d54
f97f50780895cb200405df8c7bd49cf19ff8b443e2273064aeb1608b55b43e18
GET /wp-content/themes/news-portal/assets/images/menu-shadow.png HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-content/themes/news-portal/style.css?ver=1.3.2
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 13:02:34 GMT
Accept-Ranges: bytes
Content-Length: 6925
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.plussizewomensa.co.za/wp-content/uploads/2022/04/manufacturing-companies-in-south-africa-136x102.png
129.232.146.42 200 OK 37 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/uploads/2022/04/manufacturing-companies-in-south-africa-136x102.png
IP 129.232.146.42:0
File type PNG image data, 136 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash bfc499ba97339b8206f4331c783ab372
ca3950ff66bfd3892e9cf76ac95e374ea5d75be2
6b13c01f57282fe582e10bcd8443fe2bbb7d7a8f766f973eb98221968580c002
GET /wp-content/uploads/2022/04/manufacturing-companies-in-south-africa-136x102.png HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 19 Apr 2022 11:48:48 GMT
Accept-Ranges: bytes
Content-Length: 37343
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.plussizewomensa.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
129.232.146.42 200 OK 77 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 129.232.146.42:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2016 13:03:48 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
www.plussizewomensa.co.za/wp-content/uploads/2022/04/image-1-136x102.jpeg
129.232.146.42 200 OK 4.3 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/uploads/2022/04/image-1-136x102.jpeg
IP 129.232.146.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 136x102, components 3\012- data
Hash fa5152ed37c0e99f3aec32163c3e31a6
40105f8fd692a35366965777fd05da7534147113
691440e1500cc9e42feb5a8995431b6da7db52b5aab686b6b62f7eb647d374e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/04/image-1-136x102.jpeg HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Tue, 19 Apr 2022 11:30:31 GMT
Accept-Ranges: bytes
Content-Length: 4264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.plussizewomensa.co.za/wp-content/uploads/2017/07/cropped-news-portal-150x150.png
129.232.146.42 200 OK 13 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/uploads/2017/07/cropped-news-portal-150x150.png
IP 129.232.146.42:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c8f8668956aa8f9b9bd4e8d4e2a98d7
dd7daee5b3fdd4d172fbd290efe326e479661ee8
46d9ff17ee24b0708a606f64a63360f26b2b4e6ab05d7c9fdb9e7ddd79a9a7e4
GET /wp-content/uploads/2017/07/cropped-news-portal-150x150.png HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Sun, 30 Jan 2022 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 12928
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.plussizewomensa.co.za/wp-content/uploads/2017/07/cropped-news-portal-300x300.png
129.232.146.42 200 OK 33 kB URL HTTP/1.1 www.plussizewomensa.co.za/wp-content/uploads/2017/07/cropped-news-portal-300x300.png
IP 129.232.146.42:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 671cf5336e92015ebc30b85e5d0ef400
fcaa8c4086b90ef24264f9769068bef7d4ff67fa
ca20b1850cd57ab867df9efc126ffcb6fa715bb0da8c6d1ef38938c07bfc6579
GET /wp-content/uploads/2017/07/cropped-news-portal-300x300.png HTTP/1.1
Host: www.plussizewomensa.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 02:10:51 GMT
Server: Apache
Last-Modified: Sun, 30 Jan 2022 10:33:26 GMT
Accept-Ranges: bytes
Content-Length: 33111
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C300%2C400%2C500%2C700%2C900%7CYanone+Kaffeesatz%3A200%2C300%2C400%2C500%2C600%2C700%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%7CRoboto+Slab%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C100%2C300%2C400%2C500%2C700%2C900%7CYanone+Kaffeesatz%3A200%2C300%2C400%2C500%2C600%2C700%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%7CRoboto+Slab%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Roboto%3A400%2C100%2C300%2C400%2C500%2C700%2C900%7CYanone+Kaffeesatz%3A200%2C300%2C400%2C500%2C600%2C700%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%7CRoboto+Slab%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Nov 2022 02:10:50 GMT
date: Mon, 07 Nov 2022 02:10:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.plussizewomensa.co.za/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Nov 2022 02:10:50 GMT
date: Mon, 07 Nov 2022 02:10:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2