Report - www.tesu.rw/

Report Overview

Submitted URL
www.tesu.rw/
IP
68.66.216.56
ASN
#55293 A2HOSTING
Submitted
2022-09-08 19:36:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.tesu.rw	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	502 B	68.66.216.56
tesu.rw	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	27 kB	542 kB	68.66.216.56
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	1.7 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	29 kB	104.21.63.54
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	938 B	78 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.164.183.116
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	74 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-08	medium	www.tesu.rw/	Phishing
2022-09-08	medium	tesu.rw/	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simplelightbox.min.css?ver=5.9.4	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/portfolio-elementor/css/powerfolio_css.css?ver=5.9.4	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.9.4	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/imagesloaded.min.js?ver=4.1.4	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6	Phishing
2022-09-08	medium	tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08-1.jpeg	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/download-manager/assets/css/front.css?ver=5.9.4	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/masonry.min.js?ver=4.2.2	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3	Phishing
2022-09-08	medium	tesu.rw/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109	Phishing
2022-09-08	medium	tesu.rw/wp-content/themes/mesmerize/style.min.css?ver=1.6.109	Phishing
2022-09-08	medium	tesu.rw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-09-08	medium	tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08.jpeg	Phishing
2022-09-08	medium	tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131	Phishing
2022-09-08	medium	tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files detected

URL
tesu.rw/wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
68.66.216.56
ASN
#55293 A2HOSTING

File type
gzip compressed data, max compression\012- data
Size
78 kB (78342 bytes)
Hash
b3bce5c322a3a4da082b96f849c3a6e3
e920eb6fb71670c4b88f1287dfbe67c738bf141b
3b21cd1a2e267cfd8dc6523361451d7bbf9a4876a6f94f185866d5a2f8eabe85

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (39)

	URL	Size	First Seen	Last Seen
	tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js?ver=1.6.131	50 kB	2023-03-07	2024-03-26
Pretty URL tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/js/companion.bundle.min.js?ver=1.6.131 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:43 Last Seen2024-03-26 12:59:41 Times Seen52 Hash 8096da933908c14e39c74d2868bb4b5a 86c1fc7bd9096452519ac3648f64e6153f7f5568 4561edaa7fb6fb3ef4fdc73112941ec87e7941ee3e8cc22f412a7ad35c9b92b6 Loading...

	tesu.rw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 14:24:47 Times Seen31811 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	tesu.rw/	223 B	2023-03-07	2023-03-07
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:11 Last Seen2023-03-07 13:59:11 Times Seen1 Hash d6423b75bd3ea834a7b3375e0a451619 89e243363050b82f998988376f123ccfe727b17b 45c7a5f1901b77cd8db476e5e32eed2669e7d9fc37f0f74e475d014bc2a7b8e4 Loading...

	tesu.rw/	275 B	2023-03-07	2024-04-18
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-18 13:31:22 Times Seen110 Hash 78e755b0a81758fdf3b4a84e0eaf028f 91b2100458e60d382f5a2c0b109f78215d2c9004 19a6bb2edd5c78bc3652fe0ae038858734eda8121c8cf3f68ec4845d7fe01735 Loading...

	tesu.rw/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2	4.0 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:05 Last Seen2024-04-24 08:19:32 Times Seen3074 Hash 84cdf2af726ea0ad5c67b7ec6479e363 bba43108f022eaa28a7637c1ed7b7cb287d1691d 8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d Loading...

	tesu.rw/	2.1 kB	2023-03-07	2023-03-07
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:11 Last Seen2023-03-07 13:59:11 Times Seen1 Hash 562531377448c3d5bf75eee485619934 fd8bd2d18a9b46e5ee3ae7a42b419853baea7ed4 60f6e5b3ee6aab1f0e39fc647fe735d5a31816a7d3268d69a1aef347066b69b5 Loading...

	tesu.rw/wp-includes/js/masonry.min.js?ver=4.2.2	24 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/masonry.min.js?ver=4.2.2 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-24 14:18:06 Times Seen15253 Hash 3b3fc826e58fc554108e4a651c9c7848 76778fd446e2ff2377588a7b4ac4d79f258427c9 e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Loading...

	tesu.rw/	68 B	2023-03-07	2024-04-24
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 14:24:47 Times Seen22450 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	tesu.rw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-24 14:24:47 Times Seen2814 Hash 64e89b93b02055fb75ea0913089ded0b 9ccf854a6acedb27496725fa7570a670fd7bd572 a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd Loading...

	tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218	8.2 kB	2023-03-07	2023-12-16
Pretty URL tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:46 Last Seen2023-12-16 15:54:12 Times Seen103 Hash f06f5b8bd6f9480126b69a747ef8fc9f f50fbd66a4980ba3945145fe46f99a4cc581db43 b1cd6aa6be5e4ad3a6060cbb659712844b194e6c773aafdaf8137a4849fcce6c Loading...

	tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6	33 kB	2023-03-07	2023-12-28
Pretty URL tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:46 Last Seen2023-12-28 10:21:49 Times Seen54 Hash dfc457a96c0bdf6bc67639baec26950d 6c007383f1c68df8630cb9b810997faf302ea092 fb8eefd3b7de32315b3ca986ab81875cadfc8d66fb7c416d8e523d64839d3ea9 Loading...

	tesu.rw/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c	5.7 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-24 14:24:47 Times Seen1017 Hash 7935d6e0f5c1a8dabaf92fa17cc5e513 2623f058ab2e57ad10120675d941c9b78eba82e8 e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 14:28:45 Times Seen37039721 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	tesu.rw/	96 B	2023-03-07	2024-04-18
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:30 Last Seen2024-04-18 13:31:22 Times Seen72 Hash d4410b830d796c4374bd75e8f0309550 e752d1df679b9ef7cda209df382c34b009f9a677 f296e0ae7bdc63c1d821191205da85dc493c7c59f65cefd198cdba4faedc5cc7 Loading...

	tesu.rw/	121 B	2023-03-07	2023-03-07
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:11 Last Seen2023-03-07 13:59:11 Times Seen1 Hash e85df26730218788ae047c95f86ffbc4 9dbe1225660f1fa2bd338b8418e430e878e9e187 e505d16d068f0cf924e4e0a67f857d927a21848d6704a9eb50a497cb83eccf1a Loading...

	tesu.rw/	444 B	2023-03-07	2023-03-07
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:11 Last Seen2023-03-07 13:59:11 Times Seen1 Hash 6d922dc01d79ab6f38533acca8dee004 96820477c9fd8591bad46fec111e975d1883ed13 dc4ab822feaba9fb7930fcfe9d7c9a3026804f740168fa92424536fcc4923d84 Loading...

	tesu.rw/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-24 11:47:14 Times Seen30961 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	tesu.rw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 14:24:47 Times Seen68588 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	tesu.rw/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2	31 kB	2023-03-07	2024-04-10
Pretty URL tesu.rw/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:53 Last Seen2024-04-10 14:59:20 Times Seen196 Hash 1a8e1d7558cc0bf8ebc948717784b426 1861fca4ec13d08d37ca2f1771cd4458f8214bd6 da342304a5d41b780a68df25dc5c8dca3acc843ca4bfb73935cbdf9cf03a69ff Loading...

	tesu.rw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1	9.7 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-24 04:45:45 Times Seen4631 Hash cfb428c02811f0cbe515d5f3dca61de6 e95f8696fbe29a706e66ccf582b36d9bd650ab9f 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78 Loading...

	tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805	1.0 MB	2023-03-07	2023-03-07
Pretty URL tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:12 Last Seen2023-03-07 13:59:12 Times Seen1 Hash c0e65b60bc5acce2495cd1ac8a29fbae c284d7d5c3299272b44c31e6a6dce02c4133a3ae f045621c7dea9b02790a12c61d4c745aaca14277b84c7dfb6d41bbef8e4fd07f Loading...

	tesu.rw/wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215	1.9 kB	2023-03-07	2023-12-16
Pretty URL tesu.rw/wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:46 Last Seen2023-12-16 15:54:12 Times Seen6 Hash 458d85d67df8c87608291137e66669a5 1d71df27dcf53d0a9c1810d9af30d43b317a4ec1 aaa49181b06e440b8e9747f09d44421dd8adb4c5b975b2c2f3dc1ad76426be28 Loading...

	tesu.rw/	230 B	2023-03-07	2023-03-07
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:12 Last Seen2023-03-07 13:59:12 Times Seen1 Hash 48345d2ab99cdd256c34f3dc6791b63e 6dcc6d3156efa541eb260eb50959bf3dc89372a4 49b40064adc79dd287c8a3955555524d4ae38581d113e1593bd505279f3e9eac Loading...

	tesu.rw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4	18 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 14:24:47 Times Seen12588 Hash 116c86c56f8db0bb63f15ceda50fdc98 75e308982ecf7cd43644b8b426e6aa1a0b0fbe26 def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Loading...

	tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4	21 kB	2023-03-07	2024-04-23
Pretty URL tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-04-23 17:19:03 Times Seen1058 Hash c6946dff4854d4611da8aef36666b938 9118198bd2a853baa4644c6e819427150ca35160 7028ef6262d35db7dc22b05df3cbb3e93595ce90cd340fdc356620d961b01224 Loading...

	tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4	62 kB	2023-03-07	2024-04-23
Pretty URL tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-04-23 17:19:03 Times Seen1284 Hash 99e3544139e4735274587a831002ebae 24a900bdfcefd52cbcff3bc36440af9b87cd5067 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72 Loading...

	tesu.rw/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41	40 kB	2023-03-07	2024-04-23
Pretty URL tesu.rw/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:09 Last Seen2024-04-23 17:19:03 Times Seen669 Hash 23e21b730855e815510da406687ff619 22a6dd980e86f07f835ab5aee0aa60855582920b 4358a96884097724055a07c198c9eda6732136d6377c01e8ce5699993eff6d46 Loading...

	tesu.rw/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3	24 kB	2023-03-07	2024-04-19
Pretty URL tesu.rw/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:54 Last Seen2024-04-19 02:04:47 Times Seen1102 Hash 08ea8682652b05beea01dda05766d2e1 a88370395f5758361f27803c429286aa12c3f7ee 4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0 Loading...

	tesu.rw/	1.1 kB	2023-03-07	2024-02-28
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:58 Last Seen2024-02-28 12:51:51 Times Seen63 Hash 965f9009541115d1d028204458cad2e2 e286ef3bc94efad0f5f8fb4c8f78ffcc409950ca 626cbe41cab90b69fd17ad572a25c878d58aa9c496256a7e970d721658768aa7 Loading...

	tesu.rw/	16 B	2023-03-07	2024-03-28
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-03-28 16:26:36 Times Seen127 Hash 6e1203bf4e51a8f9346c015486f1b174 92914382056974dc37e71992e8022ebe7534b6ca 03c3f5d32d164af34310511113c00e68ba125dbfe49be9e3b2561c703bce0a89 Loading...

	tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215	2.1 kB	2023-03-07	2023-12-16
Pretty URL tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:46 Last Seen2023-12-16 15:54:12 Times Seen80 Hash ebd5313f6fd78a11f51edc955eb21887 294b5d78035feb765fd808d4515960b2177e304d e8a2548e0bcd9d03e578edf6d37f7328992c3687177f4cdc0bc3b07ef95d3784 Loading...

	tesu.rw/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0	1.7 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:46 Last Seen2024-04-24 08:19:32 Times Seen2295 Hash 23b0d9051790b4a386f66ff1836815bc 0dc76a6bcad4bdce1b88ec6e68215733c97fc520 69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1 Loading...

	tesu.rw/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834	10 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-24 09:47:16 Times Seen1035 Hash 67e56dc626cd9e14d5f0cef38d0c36f7 0c03a4781237e2c86248b562b64e78afe3817c42 22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90 Loading...

	tesu.rw/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0	16 kB	2023-03-07	2024-04-17
Pretty URL tesu.rw/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2024-04-17 09:41:26 Times Seen332 Hash 8374f7f8ffb16adccc989da30f2fa16f 2438f234a5fe533c1aa752c4b077f4d0f16a4d1d 7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014 Loading...

	tesu.rw/	1.1 kB	2023-03-07	2023-03-07
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:12 Last Seen2023-03-07 13:59:12 Times Seen1 Hash 8ee22c08391623f0eea0f21314484f21 a374707ed4b5ec609f646d5392be6a3d85993432 44b9e9984c0a1ea3c807be0fb1b4bfe3c4597323f25be7b87e37b390d4a43499 Loading...

	tesu.rw/	1.4 kB	2023-03-07	2024-04-18
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:58 Last Seen2024-04-18 13:31:21 Times Seen104 Hash a94f1d7e1165304022aae86adcad90be d8dd7d80985d83fe00bff5be73cfef9a640b647a 21ce781d49513048ce8806e446d18f8b361502b79e0bd0a931ae1981216142af Loading...

	tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1	36 kB	2023-03-07	2024-04-24
Pretty URL tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1 IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:38 Last Seen2024-04-24 14:13:56 Times Seen1661 Hash 5fb7c19c9c51cfb99f5ff942629f0f21 14c7f59e73d2a99aa688c2443a9a9b24acbff43c a931e5af561b1f0efaf6cdb96aeac4c035c30756dd6edd1091da1a68747d35bc Loading...

	tesu.rw/	91 B	2023-03-07	2024-04-23
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-04-23 17:19:01 Times Seen476 Hash f231cf3015cd0931ba33e825343b48bb d6cfcbf58092bcbaec13e419e264d9e2894bbd86 98de1de200c64542b0278f062765eb2e6536fafbee1cb221b3f20e7ca73bc709 Loading...

	tesu.rw/	398 B	2023-03-07	2024-04-18
Pretty URL tesu.rw/ IP 68.66.216.56 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:31 Last Seen2024-04-18 13:31:22 Times Seen125 Hash e2a660db0196f986d83ae6550efd1880 7c1749e47578260df3f11e047cb16dd6058bc1f0 89509a92e80aaba5b030809286f1ffe85e4da2e437d0bb29c5003ffd7d0182ef Loading...

HTTP Transactions (88)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 19:05:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: US3VMWzi6UOrWo0WJoqdaB5y1Xc88i46rFxLEBkDQEO6t3acthSzGw==
Age: 1879

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3815
Expires: Thu, 08 Sep 2022 20:40:18 GMT
Date: Thu, 08 Sep 2022 19:36:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ni0GbGlvANSyw9GrkDVLc_q-ejdF-J-Ybrp6zSWOXnpYjz55d-Rqkg==
age: 57009
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 19:36:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 19:29:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XCf3dRBBrXYzvhgMPT0e1A5ACqMe6xb8z6gJ85d0bOktBrEHAVB3vg==
Age: 3506

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:44 GMT
Last-Modified: Thu, 08 Sep 2022 17:56:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uusFcRrydWU6qW+1uiSZcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZPr9Qd4fZdY+0xC+Wd8/5xAm6vE=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6214 bytes)
Hash
f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:29:44 GMT
age: 50821
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7251 bytes)
Hash
1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:17 GMT
age: 76768
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7492 bytes)
Hash
a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lbCmv9fV9iBGOQvxRzleYwC5dBYeu1kRgSSkC2hycDmavyXj-KlFSw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:24:59 GMT
age: 76306
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8162 bytes)
Hash
09267c271a56ba4c2d4197543f264fac
67ae4acd88571da51b81fa7ed963b7f2a71845b4
906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 18:01:20 GMT
age: 5725
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11365 bytes)
Hash
6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhobt81rs5gqg8hcr1Su3J3MNFt4_gR2hLHkIl5xDDS1HF9g_3ecCg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:40:35 GMT
age: 75370
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7885 bytes)
Hash
7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: MG4_YJuVqfSCQ80FTdo5XU8xIi74XtILVbIQAbByh54QNOoMJCyS-Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 78580
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.tesu.rw/

68.66.216.56

301 Moved Permanently

0 B

URL HTTP/1.1
www.tesu.rw/
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Sep 2022 19:36:44 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Redirect-By: WordPress
Set-Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068; httponly
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://tesu.rw/
Content-Length: 0
Keep-Alive: timeout=3, max=500
Content-Type: text/html; charset=UTF-8

tesu.rw/

68.66.216.56

200 OK

14 kB

URL HTTP/2
tesu.rw/
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15476), with CRLF, LF line terminators
Size
14 kB (13452 bytes)
Hash
7432ecac5b5c31fca5fa57754dee83a8
44b14c2765ec721ef40cb0d171cec142191ae91c
aca48756e8272be874e24549e912c946700093a3b97d3fcec28bfd8b7f8706ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/5.6.40
link: <https://tesu.rw/wp-json/>; rel="https://api.w.org/", <https://tesu.rw/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://tesu.rw/>; rel=shortlink
set-cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068; secure; httponly
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
content-length: 13452
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 19:36:45 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/css/pwrgrids_css.css?ver=5.9.4

68.66.216.56

200 OK

1.5 kB

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/css/pwrgrids_css.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1498 bytes)
Hash
5149e402bc70db545a1b765b7f2caed2
41bf22c0f0269291eb86921388be9bf3999c2ba5
5c1d3076243ce3c853d998cc9f7000187354ed7a4d3970fe990f26ae907fe6ec

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/css/pwrgrids_css.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a0d-2532-5df618f78d03a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1498
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4

68.66.216.56

200 OK

1.2 kB

URL HTTP/2
tesu.rw/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (4186), with no line terminators
Size
1.2 kB (1156 bytes)
Hash
30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Fri, 07 Feb 2020 11:40:10 GMT
etag: "7522a8c-105a-59dfada212a52-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1156
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simplelightbox.min.css?ver=5.9.4

68.66.216.56

200 OK

694 B

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simplelightbox.min.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (2379), with no line terminators
Size
694 B (694 bytes)
Hash
664f2b6117cc45e1c900fef1af327b3c
24bc95915f5a619e4c9cc5a59da5c51a6a7ec1fe
84f11279e3e6378f0270fd305299e4eae82ce2eeaf2ab1880b967322610a75fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simplelightbox.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543da3-94b-5df618f7ad3d8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 694
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

68.66.216.56

200 OK

2.6 kB

URL HTTP/2
tesu.rw/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.6 kB (2592 bytes)
Hash
583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "7522a81-2bf8-5df62b920e8d1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 2592
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/portfolio-elementor/css/powerfolio_css.css?ver=5.9.4

68.66.216.56

200 OK

2.8 kB

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/css/powerfolio_css.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with CRLF line terminators
Size
2.8 kB (2803 bytes)
Hash
ddd06a5ad0b41127f3e5ded7c724cdcb
a933c8729c01b79590952969771250a537230a70
355b9281ba6f356402c2746887ed9f5680fe2411453852e81c704453e488be20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/css/powerfolio_css.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a2c-a067-5df618f791e5a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 2803
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Rubik

142.250.74.10

200 OK

946 B

URL HTTP/2
fonts.googleapis.com/css?family=Rubik
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
946 B (946 bytes)
Hash
95d281181841d0a32733ecb4150b6e46
30a82607c93ec683c57ad3ac9515a7608c3d1f57
84339f10af1d2642fbbb4baf60e4453aa3f6389e22de3eb08514992d47f195bc

HTTP Headers

GET /css?family=Rubik HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 19:36:46 GMT
date: Thu, 08 Sep 2022 19:36:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tesu.rw/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4

68.66.216.56

200 OK

11 kB

URL HTTP/2
tesu.rw/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (39791)
Size
11 kB (11206 bytes)
Hash
68c55e0e26ede0ee6d29668c5e7ff18a
ea17cd26ac9dd53fdfb6b227d5737bc2714c4db5
ad7d949e15ee2ea92473b1fcdfa56cc6239de0aeceed78065aa3a060523c0e00

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:05 GMT
etag: "7522801-145db-5df62b8e775f5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 11206
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2

68.66.216.56

200 OK

5.5 kB

URL HTTP/2
tesu.rw/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (39912)
Size
5.5 kB (5480 bytes)
Hash
ecfecb25d0d4fc81b6c880494a8e514c
bc12168bb4eacf24ff45f0164a8a2871026a42ef
53ac665480e89ebf40f5a84f492a8aa74326cb0e652df36b815e11172d9da532

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:10 GMT
etag: "754478d-9be9-5df619059d8ed-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 5480
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1

68.66.216.56

200 OK

972 B

URL HTTP/2
tesu.rw/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text
Size
972 B (972 bytes)
Hash
8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:54:44 GMT
etag: "75439d7-aab-5df62becdcdc8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 972
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.9.4

68.66.216.56

200 OK

9.9 kB

URL HTTP/2
tesu.rw/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (45507)
Size
9.9 kB (9929 bytes)
Hash
a5c31fc0d7703fa2ce465b62b5b4dfe9
86c73fe36b74b95183d3fd29149f0cb4bac6a1fe
9537a365e74353121addd2ff96cf68fc56b81f7c6cd194f1783d54f39ff8132a

HTTP Headers

GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:21 GMT
etag: "7543c22-b277-5df618d74cc37-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9929
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.9.4

68.66.216.56

200 OK

9.8 kB

URL HTTP/2
tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (57835), with no line terminators
Size
9.8 kB (9768 bytes)
Hash
387cbe843176b30ca61a67e09b236ee9
1290c5afe83c7549c5e9b70512f609c34ed38b53
69a8274b0ad8141bc05bdde75675ba4944de802c694b0794243bfe89c02e6a59

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c6c-e1eb-5df618d8fddd2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9768
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4

68.66.216.56

200 OK

4.9 kB

URL HTTP/2
tesu.rw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (15224)
Size
4.9 kB (4930 bytes)
Hash
3179794486ec4ca8f59329ccd67ae3e1
4b9c6e22ee7966479ef9844259f39f19d584f4a4
6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75231b7-4705-5df62b92351ff-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 4930
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215

68.66.216.56

200 OK

626 B

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with CRLF line terminators
Size
626 B (626 bytes)
Hash
8492bd6b7f3d5214a0f5f5c6a0bafc57
89882fc180abc13d1332466b9d9e6503af6f2acb
358e883582890ee66bc4677806f6ec96f69c640f8f1ec180de5a2a7749571a1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a11-843-5df618f78dbf2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 626
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215

68.66.216.56

200 OK

567 B

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with CRLF line terminators
Size
567 B (567 bytes)
Hash
a0dad343be6729f23f95f1df90a4cb2e
efd6e16ea6a5531033eb99c87e0f047ff1d56fbf
0538266f92c2f2f9ad065f219d52951056abeb9308f77672e18b9ea3859242cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a33-792-5df618f792a12-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 567
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/imagesloaded.min.js?ver=4.1.4

68.66.216.56

200 OK

1.8 kB

URL HTTP/2
tesu.rw/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (5477)
Size
1.8 kB (1834 bytes)
Hash
951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229a1-15fd-5df62b91f4eab-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1834
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

68.66.216.56

200 OK

2.4 kB

URL HTTP/2
tesu.rw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (6494), with no line terminators
Size
2.4 kB (2422 bytes)
Hash
c16f2821df385b57b616cb7c867e1253
6327ed04bc2d7c294db8358cdf8b06ff62c3eb13
ff1c71b966df6e007b9175772a52be12d7dd9b65aafcb78a55046f60e792ae42

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:17 GMT
etag: "7522192-195e-5df62b9982bb6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 2422
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834

68.66.216.56

200 OK

4.0 kB

URL HTTP/2
tesu.rw/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
data
Size
4.0 kB (3968 bytes)
Hash
a2a26c31eec80b2d4b8296661652ac71
bf21083c2eb7c78a936eadc058ea23dfd5ce8efe
6fb2d8e93c2ad84d5541fcbe3b178e1724b60a9820b7ffcc72f9d8f42a278b97

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:13 GMT
etag: "752294c-28a7-5df62b9626a27-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 3968
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2

68.66.216.56

200 OK

1.7 kB

URL HTTP/2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
C source, ASCII text, with very long lines (4014), with no line terminators
Size
1.7 kB (1682 bytes)
Hash
378928a458b9a32d539470fb4bcaf34e
e9a05c4b7e7e2b0d73263fde1293d4d35322b3d7
2bb2847ddf8e0657812fb17dc13b557139710483131d346c5b543876558b1e68

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "75447da-fae-5df6190752908-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1682
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4

68.66.216.56

200 OK

7.5 kB

URL HTTP/2
tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (21084)
Size
7.5 kB (7484 bytes)
Hash
c4a1c12a7ed7875f729fcd9dee7bddb1
f91a9ce3bec72b2c15abea8da8d7b59f9efebdca
029820eeba5a80dd14614fd547fea9101680567065a08ea125266ba7786292b3

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c72-52e2-5df618d8fe98a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7484
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218

68.66.216.56

200 OK

3.0 kB

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
Unicode text, UTF-8 text, with very long lines (8152), with CRLF line terminators
Size
3.0 kB (3027 bytes)
Hash
ca32a16d40d7a6ac56a5dfa9d1d8692a
3f39b68b7a37035426b260d8efcde7b9dd3869ce
3385573ee81f80a2bc4fa3a602c8defe89cb7abd8e2a8229ab93b3f80134a849

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543da5-2033-5df618f7ad7c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 3027
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4

68.66.216.56

200 OK

15 kB

URL HTTP/2
tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (62161)
Size
15 kB (15286 bytes)
Hash
3e3cbc4a64027d9fdb17c900353372ba
3a8dac461ade65ffd99f637a63d1c185747db2dc
0d03072ead9234e1e1565425195cdac3f727a3da2eb2afad322ddd902f3aa5da

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c6e-f3e8-5df618d8fe1ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 15286
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

68.66.216.56

200 OK

4.2 kB

URL HTTP/2
tesu.rw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4169 bytes)
Hash
5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229ab-2bd8-5df62b9229298-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 4169
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1

68.66.216.56

200 OK

9.9 kB

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (32019), with CRLF line terminators
Size
9.9 kB (9855 bytes)
Hash
848c28a251c2b0eac275f8ca8838dd8f
99294056a299ef2f01da5b41178b92932fecdac1
9aea1cb64554ca7d7751e016067b126c0bbee5dc9d8843595c7cbf3bce9b40c7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a14-8a80-5df618f78e3c2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9855
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6

68.66.216.56

200 OK

7.6 kB

URL HTTP/2
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with CRLF line terminators
Size
7.6 kB (7649 bytes)
Hash
3ee14587c3766e22ef9f1f37bbbe25d3
f25b098ff61a932cf2f67a21be8fbcea4ee82160
d3e4846a105558f3b4bbbc94c05563560a49630e4e89d34135aafc8700aa2a81

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a15-7fa7-5df618f78e7aa-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7649
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08-1.jpeg

68.66.216.56

200 OK

40 kB

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08-1.jpeg
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Size
40 kB (39936 bytes)
Hash
aedea9d0005ab482106b74876256fffa
f3505b90cc22a9d1ae33ec23abe7b66c0fa821d6
5a5fc23316660bb4c12ff3d608a007c6605f3df2ef231e72faf9b723a7cfc5f2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08-1.jpeg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2019 09:19:22 GMT
etag: "752500c-9c00-58aa435985a80"
accept-ranges: bytes
content-length: 39936
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c

68.66.216.56

200 OK

1.9 kB

URL HTTP/2
tesu.rw/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (5655)
Size
1.9 kB (1869 bytes)
Hash
e8c23c97843b93a9dc82a910cc3a687d
9f8c22d7acb019fe953aa7c1439fbba83cc464de
498e67b90b4f34cf82e814230c9b81f5f019724382bd6b42c3f03d8fdab02044

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:17 GMT
etag: "7522948-163a-5df62b99783be-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1869
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

68.66.216.56

200 OK

7.0 kB

URL HTTP/2
tesu.rw/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
Unicode text, UTF-8 text, with very long lines (19111)
Size
7.0 kB (7013 bytes)
Hash
3d97cdcc7f05c2b5782d39b135850bc3
d4427472e22221d71413745415a7b1e959da28f3
3b9a4010e3156a9143b38a24e91a5b34d898b1eeab165f49cda8c16212a968f7

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:17 GMT
etag: "7522983-4b3d-5df62b9981446-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7013
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2

68.66.216.56

200 OK

9.4 kB

URL HTTP/2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (31132), with no line terminators
Size
9.4 kB (9401 bytes)
Hash
8b0f3d2f6a4fce952c2ce9edb6fedeb1
3c84e9b662d14c11c287ee3fd319ecc83c5e836a
ac030cb17cdb3ba05a796d7863e8ce4239da9fef5c7f5bffb7ff9f189f7da32d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "7544802-799c-5df6190756788-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9401
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0

68.66.216.56

200 OK

872 B

URL HTTP/2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (1713), with no line terminators
Size
872 B (872 bytes)
Hash
4adc658d402a2c0976b369c9e943e55c
e02f490b57aab672851608efa137014391b2c04e
1eeb3ac5f14869f7f7a8c29512b20fd07d85c873fc45ea6f2999148f52f8d9d0

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "75447db-6b1-5df6190752908-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 872
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41

68.66.216.56

200 OK

11 kB

URL HTTP/2
tesu.rw/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (4122)
Size
11 kB (10912 bytes)
Hash
d6e3e043d12b29ec97b02f0c35842e22
118ef46fb4d48432c06bffd049be4c189b63e413
eb97765ab98991ecce3ec391ae0f9dc63901f39cf272e2f7e2f966d4a2c15acd

HTTP Headers

GET /wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c52-9cd0-5df618d8fc27a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 10912
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1

68.66.216.56

200 OK

3.3 kB

URL HTTP/2
tesu.rw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
HTML document, ASCII text, with very long lines (9720), with no line terminators
Size
3.3 kB (3286 bytes)
Hash
4ac0d5ab8d83806d59c4e1f7bf0a855a
81153a2f5e3a21febe9ede53c9f0073da3e14829
605fd4e7f4d3fbb5505bb81e3f72c685b6ef411c27cde2f7bab2787c3d870b10

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:54:44 GMT
etag: "75439ef-25f8-5df62becded08-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 3286
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/download-manager/assets/css/front.css?ver=5.9.4

68.66.216.56

200 OK

12 kB

URL HTTP/2
tesu.rw/wp-content/plugins/download-manager/assets/css/front.css?ver=5.9.4
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (482)
Size
12 kB (11784 bytes)
Hash
fa54c063be67257ec362c58274eda485
124588af9a6f59541060b7ca4f5c7e69917d23d9
3f0e7bd24a26576333f457014e8b9988ff7054d98db493bb52eb75eac864fd50

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/download-manager/assets/css/front.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c46-10020-5df618d8fab0a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 11784
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0

68.66.216.56

200 OK

6.0 kB

URL HTTP/2
tesu.rw/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (16116), with no line terminators
Size
6.0 kB (5956 bytes)
Hash
aaee2fe5e25c2eaf22e67a858e8444e3
d4ca7ed8e3e683326d3da2180aa1c5c68256a42c
0b874a1f3cd4cbe9d344b3eb17e202f382085be6d404801b63f2fa966ffd3c5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229ae-3ef4-5df62b922a238-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 5956
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/masonry.min.js?ver=4.2.2

68.66.216.56

200 OK

7.4 kB

URL HTTP/2
tesu.rw/wp-includes/js/masonry.min.js?ver=4.2.2
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (23966)
Size
7.4 kB (7382 bytes)
Hash
d56e5016a4d65d6d654add02bee3f792
9238046ef54c80e04b940f86683ea33cf44d40c1
6f1a28f0ef5ad427f7d99aecc29db61d8eb25190d5eb5e539c524c916d1442f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229fd-5e4a-5df62b923b3a7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7382
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3

68.66.216.56

200 OK

7.8 kB

URL HTTP/2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
Unicode text, UTF-8 text, with very long lines (24292)
Size
7.8 kB (7849 bytes)
Hash
77070b1f5f2bebbb9e4a2e8fc8f534c8
7b3517e54d001fd84e4bf41d8405f6e7fff1e886
1086db35c3ef92c049541a01e5c08af303f1911c37865c54959841b5438017a0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "7544803-5f6e-5df6190756788-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7849
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109

68.66.216.56

200 OK

16 kB

URL HTTP/2
tesu.rw/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (34446)
Size
16 kB (15933 bytes)
Hash
c1bc4c79ebdcd3babcffd9ddd8a16cd4
2c21a22c24262751a45e9b761815c5b4727288dc
64fcf4d6d0520284485bce7f41675350b12401662fcf5df146b6784b57c2a7ca

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:25 GMT
etag: "75449de-19358-5df62e176bf3a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 15933
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1

68.66.216.56

200 OK

17 kB

URL HTTP/2
tesu.rw/wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
17 kB (16583 bytes)
Hash
c8c30461603b9cffd4b9e2ab01e061f7
852ed9fe16e68668e1395ae094335abb5f0c64de
3d1edaa47f506cc0559d05ad0d9142c4f2687788044cce600e83401154a245a1

HTTP Headers

GET /wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:55:15 GMT
etag: "7547c05-151d1-5df62c0a28879-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 16583
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/themes/mesmerize/style.min.css?ver=1.6.109

68.66.216.56

200 OK

25 kB

URL HTTP/2
tesu.rw/wp-content/themes/mesmerize/style.min.css?ver=1.6.109
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (25053 bytes)
Hash
ec70c8552905a32856ba415d1b80ba17
e6d22ed6c1c0fd88b27bf13840150f1ae62107cf
8498e7b8655565fe6355237545dd5e0e9fec942360518b30d2d055ab747dda6a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/mesmerize/style.min.css?ver=1.6.109 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:23 GMT
etag: "75449c9-2c35f-5df62e1580fd9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 25053
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

68.66.216.56

200 OK

31 kB

URL HTTP/2
tesu.rw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (65447)
Size
31 kB (30908 bytes)
Hash
9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "752212e-15db1-5df62b922a238-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 30908
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.9.4

104.21.63.54

200 OK

28 kB

URL HTTP/2
use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.9.4
IP
104.21.63.54:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (51030)
Size
28 kB (28037 bytes)
Hash
0dfb8d09492969526859abaf2546081b
33a3cedac274099ebc316a773726e84dc33718fe
3278e2671a6515a0c11408fe4f3026447dbaa923ea1a95a79dba47de300e1105

HTTP Headers

GET /releases/v5.5.0/css/all.css?ver=5.9.4 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 19:36:46 GMT
content-type: text/css
x-amz-id-2: Z0WDJ7pzZtSO6zGehD0E2LVjPm5CkXCRC+K/XoarVhJu0A4rti7InvhEA/J4VctU/wrfHBU+pHM=
x-amz-request-id: MKR4J2EAAYKKMRWZ
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 773636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma0cVYvy%2F21UEdBIZ%2Fb1XdUMx%2B04BASDqDS%2FfCdT664SMR5JSIo8FB9Gsmah09obVsNQ3qxUtcyd7XWhj96atOBkvRJzV5zl0jUnUvdpMTzhKHXczkDhc3FRglCOskltoHZvdJ42"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a228bc80db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tesu.rw/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109

68.66.216.56

200 OK

23 kB

URL HTTP/2
tesu.rw/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (23293 bytes)
Hash
e4ab48cae3c87c0dc19d1e04d1c714eb
c538332f898b9a10f11c5488dfde1a328a761d57
c37f8f8e38dfab189d85d16b0fac339bfc0f845dc0b1da27331b4be3bf9e970d

HTTP Headers

GET /wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:26 GMT
etag: "75449ef-14b10-5df62e176da92-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 23293
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-download-4-1.jpg

68.66.216.56

200 OK

7.8 kB

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-download-4-1.jpg
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 183x183, components 3\012- data
Size
7.8 kB (7772 bytes)
Hash
a924f4e452ef8d8b98dd8d24d6645610
79328d2af4ace80551cf3b9f6a8d7785fac529d2
02a3682cbfa26c6650aa2575021cbe245b3bd57f4b24f7a9de0a24f8f012f34d

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-download-4-1.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2019 06:58:01 GMT
etag: "7524fea-1ed6-58a7a0067d040-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7772
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-3.png

68.66.216.56

200 OK

8.8 kB

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-3.png
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
PNG image data, 230 x 160, 8-bit/color RGBA, non-interlaced\012- data
Size
8.8 kB (8751 bytes)
Hash
2f99d161023f14ec7ee234c4770074cf
bbb790ffee539f214e86720078d78acc039694aa
093abc2c21d7a1e0139503b091c95a72c666626fcc2b603db2c223e0640a9413

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-partners-2-3.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 02 Jun 2019 10:58:02 GMT
etag: "7524ff6-23dd-58a551f16e280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 8751
content-type: image/png
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-5.png

68.66.216.56

200 OK

14 kB

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-5.png
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
PNG image data, 341 x 236, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14115 bytes)
Hash
815e82a8c834d465e35d7635acf92b3a
15d7ff32e9576bec6fb74199e366ae02fc6f5b7f
e44b934f751aa31457c87ebec23e200a0896ad6f9c542a271835423e4e4e2d1d

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-partners-2-5.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 02 Jun 2019 10:58:42 GMT
etag: "7524ffd-39a8-58a5521793c80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 14115
content-type: image/png
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08.jpeg

68.66.216.56

200 OK

40 kB

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08.jpeg
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Size
40 kB (39936 bytes)
Hash
aedea9d0005ab482106b74876256fffa
f3505b90cc22a9d1ae33ec23abe7b66c0fa821d6
5a5fc23316660bb4c12ff3d608a007c6605f3df2ef231e72faf9b723a7cfc5f2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08.jpeg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2019 09:18:36 GMT
etag: "752500f-9c00-58aa432da7300"
accept-ranges: bytes
content-length: 39936
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131

68.66.216.56

200 OK

7.9 kB

URL HTTP/2
tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
ASCII text, with very long lines (34940)
Size
7.9 kB (7927 bytes)
Hash
b3d3990d965d0cb6b994c46eccc96ca9
7450cd7ff9260eb03bc9b004cee4be79ab5d310f
7ad8353ad88c6c303a0aa0699b371a9e8c34f23a097b4062b39367bf957400b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:55:22 GMT
etag: "754417a-887d-5df62c118e8ce-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7927
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

68.66.216.56

200 OK

78 kB

URL HTTP/2
tesu.rw/wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
gzip compressed data, max compression\012- data
Size
78 kB (78342 bytes)
Hash
b3bce5c322a3a4da082b96f849c3a6e3
e920eb6fb71670c4b88f1287dfbe67c738bf141b
3b21cd1a2e267cfd8dc6523361451d7bbf9a4876a6f94f185866d5a2f8eabe85

HTTP Headers

GET /wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tesu.rw/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:25 GMT
etag: "75449d4-12d68-5df62e176a3e2"
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Size
31 kB (31196 bytes)
Hash
ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

HTTP Headers

GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tesu.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 06:19:53 GMT
expires: Fri, 08 Sep 2023 06:19:53 GMT
cache-control: public, max-age=31536000
age: 47814
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tesu.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 212746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tesu.rw/wp-content/uploads/2019/06/cropped-1-1-32x32.png

68.66.216.56

200 OK

1.3 kB

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-1-1-32x32.png
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1340 bytes)
Hash
4e163de32dc0b95f81dd625299ccb541
96e9603a982951474a59dd689727c56af345e29f
3177506f1da0c961724712672b387aed15b2d5f707b850256a6a34e6c80adbf5

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-1-1-32x32.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 08:52:57 GMT
etag: "7524fde-525-58a677d990c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1340
content-type: image/png
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-1-1-192x192.png

68.66.216.56

200 OK

17 kB

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-1-1-192x192.png
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16678 bytes)
Hash
f5b0e095617a30289d7e58d34f17fa73
2e178a9a37a61024c50afbe4a7ff0ebac6f5843a
b9dcb778d6332118bd03def1fbfc26380d1aa7bf4e836476ef7bce03e16c58d1

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-1-1-192x192.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 08:52:57 GMT
etag: "7524fdb-41f8-58a677d990c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 16678
content-type: image/png
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8705 bytes)
Hash
24e43bc53a0b047911cff00ad4b72320
f6ef30b5df0e634c3a3f607d751e738e55a276c9
7e1406b2101c912e72f37f0257128574079e618c1af83e360acb3f29b4d44d89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8705
x-amzn-requestid: ccc5b695-35b5-49fd-b938-296a88a78ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFOiIAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-12e809c767cdbba61492187c;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: W4siV0rqMGbs2Z7TiD3PvD2j2ErD69gIbIDY2N3RInKx61vDyRTxXA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:55:10 GMT
age: 78101
etag: "f6ef30b5df0e634c3a3f607d751e738e55a276c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8820 bytes)
Hash
675756a44be6f9bbe341fa4c866c941b
6502050805e53baeb44d82e55d4b15b82e34d2eb
cd1d16b5feefddfd89ac4bfcff21e80c49f07b0428aa57e8de365974f813e755

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8820
x-amzn-requestid: e2c909d0-f781-48e6-805e-a43940e67c4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG_LpG1OIAMF_8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319124a-37f3458a2905bd947cf01f93;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:51:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BEn2J8F8SsnyrLeWv5W6QDPn21ZjNXH3I0B2kUJYpgdMVp-88pb5rw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:34 GMT
age: 76758
etag: "6502050805e53baeb44d82e55d4b15b82e34d2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-IMG_20190409_095931_8-2.jpg

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-IMG_20190409_095931_8-2.jpg
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-IMG_20190409_095931_8-2.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 07:06:17 GMT
etag: "7525248-3dff1-58b2f2a96efc7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/mockup-863469.jpg

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/mockup-863469.jpg
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/mockup-863469.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:55:22 GMT
etag: "754414c-45b6c-5df62c118ae37-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/10/Untitled-design-2.png

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/uploads/2019/10/Untitled-design-2.png
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2019/10/Untitled-design-2.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 12:18:58 GMT
etag: "7521f6b-191641-5961fbcc55ccc-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/png
date: Thu, 08 Sep 2022 19:36:52 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-8.png

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-8.png
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-partners-2-8.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 02 Jun 2019 10:59:42 GMT
etag: "7525006-9b51-58a55250cc380-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 39027
content-type: image/png
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/06/cropped-420-Raffle-1-5.jpg

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/uploads/2019/06/cropped-420-Raffle-1-5.jpg
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2019/06/cropped-420-Raffle-1-5.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 07:07:17 GMT
etag: "752524f-1003c-58b2f2e29b84b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1662665805

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1662665805
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1662665805 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 19:00:03 GMT
etag: "7521f37-875fe-5cc0d4e451050-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 19:00:03 GMT
etag: "7521f49-fe0d2-5cc0d4e455e70-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2

tesu.rw/wp-content/uploads/2019/10/PUM_HENNEKE.png

68.66.216.56

200 OK

0 B

URL HTTP/2
tesu.rw/wp-content/uploads/2019/10/PUM_HENNEKE.png
IP
68.66.216.56:0
ASN
#55293 A2HOSTING

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2019/10/PUM_HENNEKE.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 10:33:42 GMT
etag: "7521f5b-1bcd44-5961e444405a9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/png
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML