firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 19:05:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: US3VMWzi6UOrWo0WJoqdaB5y1Xc88i46rFxLEBkDQEO6t3acthSzGw==
Age: 1879
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3815
Expires: Thu, 08 Sep 2022 20:40:18 GMT
Date: Thu, 08 Sep 2022 19:36:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ni0GbGlvANSyw9GrkDVLc_q-ejdF-J-Ybrp6zSWOXnpYjz55d-Rqkg==
age: 57009
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 19:36:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 19:29:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XCf3dRBBrXYzvhgMPT0e1A5ACqMe6xb8z6gJ85d0bOktBrEHAVB3vg==
Age: 3506
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:44 GMT
Last-Modified: Thu, 08 Sep 2022 17:56:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.183.116 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uusFcRrydWU6qW+1uiSZcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZPr9Qd4fZdY+0xC+Wd8/5xAm6vE=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7359
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 19:36:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:29:44 GMT
age: 50821
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:17 GMT
age: 76768
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lbCmv9fV9iBGOQvxRzleYwC5dBYeu1kRgSSkC2hycDmavyXj-KlFSw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:24:59 GMT
age: 76306
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09267c271a56ba4c2d4197543f264fac
67ae4acd88571da51b81fa7ed963b7f2a71845b4
906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 18:01:20 GMT
age: 5725
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhobt81rs5gqg8hcr1Su3J3MNFt4_gR2hLHkIl5xDDS1HF9g_3ecCg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:40:35 GMT
age: 75370
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: MG4_YJuVqfSCQ80FTdo5XU8xIi74XtILVbIQAbByh54QNOoMJCyS-Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 78580
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.tesu.rw/
68.66.216.56 301 Moved Permanently 0 B IP 68.66.216.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Sep 2022 19:36:44 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
X-Redirect-By: WordPress
Set-Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068; httponly
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://tesu.rw/
Content-Length: 0
Keep-Alive: timeout=3, max=500
Content-Type: text/html; charset=UTF-8
tesu.rw/
68.66.216.56 200 OK 14 kB IP 68.66.216.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15476), with CRLF, LF line terminators
Hash 7432ecac5b5c31fca5fa57754dee83a8
44b14c2765ec721ef40cb0d171cec142191ae91c
aca48756e8272be874e24549e912c946700093a3b97d3fcec28bfd8b7f8706ab
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
link: <https://tesu.rw/wp-json/>; rel="https://api.w.org/", <https://tesu.rw/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://tesu.rw/>; rel=shortlink
set-cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068; secure; httponly
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
content-length: 13452
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 19:36:45 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/css/pwrgrids_css.css?ver=5.9.4
68.66.216.56 200 OK 1.5 kB URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/css/pwrgrids_css.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with CRLF line terminators
Hash 5149e402bc70db545a1b765b7f2caed2
41bf22c0f0269291eb86921388be9bf3999c2ba5
5c1d3076243ce3c853d998cc9f7000187354ed7a4d3970fe990f26ae907fe6ec
GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/css/pwrgrids_css.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a0d-2532-5df618f78d03a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1498
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4
68.66.216.56 200 OK 1.2 kB URL HTTP/2 tesu.rw/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 30d57d7aa11190e44974cce8621f22c7
59f516369877009cce06ca45b1c296944bb674a4
094ae87a3d4cee4a1ddc5cada149c2deacabd4cf2e377b97fe4ca641142258ee
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Fri, 07 Feb 2020 11:40:10 GMT
etag: "7522a8c-105a-59dfada212a52-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1156
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simplelightbox.min.css?ver=5.9.4
68.66.216.56 200 OK 694 B URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simplelightbox.min.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (2379), with no line terminators
Hash 664f2b6117cc45e1c900fef1af327b3c
24bc95915f5a619e4c9cc5a59da5c51a6a7ec1fe
84f11279e3e6378f0270fd305299e4eae82ce2eeaf2ab1880b967322610a75fd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simplelightbox.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543da3-94b-5df618f7ad3d8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 694
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
68.66.216.56 200 OK 2.6 kB URL HTTP/2 tesu.rw/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 68.66.216.56:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 583529ff412cb2b255fa606024d1133e
8db4b0a0be402cc5e38488528791b73b0c7369d0
6fdf0933a8faf229b277740f401600834c00d0b204f7ed38293cd4abcdb3ea20
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "7522a81-2bf8-5df62b920e8d1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 2592
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/portfolio-elementor/css/powerfolio_css.css?ver=5.9.4
68.66.216.56 200 OK 2.8 kB URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/css/powerfolio_css.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with CRLF line terminators
Hash ddd06a5ad0b41127f3e5ded7c724cdcb
a933c8729c01b79590952969771250a537230a70
355b9281ba6f356402c2746887ed9f5680fe2411453852e81c704453e488be20
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/portfolio-elementor/css/powerfolio_css.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a2c-a067-5df618f791e5a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 2803
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rubik
142.250.74.10 200 OK 946 B URL HTTP/2 fonts.googleapis.com/css?family=Rubik
IP 142.250.74.10:0
Hash 95d281181841d0a32733ecb4150b6e46
30a82607c93ec683c57ad3ac9515a7608c3d1f57
84339f10af1d2642fbbb4baf60e4453aa3f6389e22de3eb08514992d47f195bc
GET /css?family=Rubik HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 19:36:46 GMT
date: Thu, 08 Sep 2022 19:36:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tesu.rw/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
68.66.216.56 200 OK 11 kB URL HTTP/2 tesu.rw/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (39791)
Hash 68c55e0e26ede0ee6d29668c5e7ff18a
ea17cd26ac9dd53fdfb6b227d5737bc2714c4db5
ad7d949e15ee2ea92473b1fcdfa56cc6239de0aeceed78065aa3a060523c0e00
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:05 GMT
etag: "7522801-145db-5df62b8e775f5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 11206
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
68.66.216.56 200 OK 5.5 kB URL HTTP/2 tesu.rw/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2
IP 68.66.216.56:0
File type ASCII text, with very long lines (39912)
Hash ecfecb25d0d4fc81b6c880494a8e514c
bc12168bb4eacf24ff45f0164a8a2871026a42ef
53ac665480e89ebf40f5a84f492a8aa74326cb0e652df36b815e11172d9da532
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.4.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:10 GMT
etag: "754478d-9be9-5df619059d8ed-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 5480
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
68.66.216.56 200 OK 972 B URL HTTP/2 tesu.rw/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 68.66.216.56:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:54:44 GMT
etag: "75439d7-aab-5df62becdcdc8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 972
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.9.4
68.66.216.56 200 OK 9.9 kB URL HTTP/2 tesu.rw/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (45507)
Hash a5c31fc0d7703fa2ce465b62b5b4dfe9
86c73fe36b74b95183d3fd29149f0cb4bac6a1fe
9537a365e74353121addd2ff96cf68fc56b81f7c6cd194f1783d54f39ff8132a
GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:21 GMT
etag: "7543c22-b277-5df618d74cc37-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9929
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.9.4
68.66.216.56 200 OK 9.8 kB URL HTTP/2 tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (57835), with no line terminators
Hash 387cbe843176b30ca61a67e09b236ee9
1290c5afe83c7549c5e9b70512f609c34ed38b53
69a8274b0ad8141bc05bdde75675ba4944de802c694b0794243bfe89c02e6a59
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c6c-e1eb-5df618d8fddd2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9768
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4
68.66.216.56 200 OK 4.9 kB URL HTTP/2 tesu.rw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (15224)
Hash 3179794486ec4ca8f59329ccd67ae3e1
4b9c6e22ee7966479ef9844259f39f19d584f4a4
6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75231b7-4705-5df62b92351ff-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 4930
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215
68.66.216.56 200 OK 626 B URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215
IP 68.66.216.56:0
File type ASCII text, with CRLF line terminators
Hash 8492bd6b7f3d5214a0f5f5c6a0bafc57
89882fc180abc13d1332466b9d9e6503af6f2acb
358e883582890ee66bc4677806f6ec96f69c640f8f1ec180de5a2a7749571a1d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/js/pwrgrids-custom-js.js?ver=20151215 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a11-843-5df618f78dbf2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 626
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215
68.66.216.56 200 OK 567 B URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215
IP 68.66.216.56:0
File type ASCII text, with CRLF line terminators
Hash a0dad343be6729f23f95f1df90a4cb2e
efd6e16ea6a5531033eb99c87e0f047ff1d56fbf
0538266f92c2f2f9ad065f219d52951056abeb9308f77672e18b9ea3859242cf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/portfolio-elementor/js/custom-portfolio.js?ver=20151215 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a33-792-5df618f792a12-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 567
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/imagesloaded.min.js?ver=4.1.4
68.66.216.56 200 OK 1.8 kB URL HTTP/2 tesu.rw/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229a1-15fd-5df62b91f4eab-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1834
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
68.66.216.56 200 OK 2.4 kB URL HTTP/2 tesu.rw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 68.66.216.56:0
File type ASCII text, with very long lines (6494), with no line terminators
Hash c16f2821df385b57b616cb7c867e1253
6327ed04bc2d7c294db8358cdf8b06ff62c3eb13
ff1c71b966df6e007b9175772a52be12d7dd9b65aafcb78a55046f60e792ae42
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:17 GMT
etag: "7522192-195e-5df62b9982bb6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 2422
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
68.66.216.56 200 OK 4.0 kB URL HTTP/2 tesu.rw/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
IP 68.66.216.56:0
Hash a2a26c31eec80b2d4b8296661652ac71
bf21083c2eb7c78a936eadc058ea23dfd5ce8efe
6fb2d8e93c2ad84d5541fcbe3b178e1724b60a9820b7ffcc72f9d8f42a278b97
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:13 GMT
etag: "752294c-28a7-5df62b9626a27-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 3968
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
68.66.216.56 200 OK 1.7 kB URL HTTP/2 tesu.rw/wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2
IP 68.66.216.56:0
File type C source, ASCII text, with very long lines (4014), with no line terminators
Hash 378928a458b9a32d539470fb4bcaf34e
e9a05c4b7e7e2b0d73263fde1293d4d35322b3d7
2bb2847ddf8e0657812fb17dc13b557139710483131d346c5b543876558b1e68
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "75447da-fae-5df6190752908-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1682
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4
68.66.216.56 200 OK 7.5 kB URL HTTP/2 tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (21084)
Hash c4a1c12a7ed7875f729fcd9dee7bddb1
f91a9ce3bec72b2c15abea8da8d7b59f9efebdca
029820eeba5a80dd14614fd547fea9101680567065a08ea125266ba7786292b3
GET /wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c72-52e2-5df618d8fe98a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7484
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218
68.66.216.56 200 OK 3.0 kB URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218
IP 68.66.216.56:0
File type Unicode text, UTF-8 text, with very long lines (8152), with CRLF line terminators
Hash ca32a16d40d7a6ac56a5dfa9d1d8692a
3f39b68b7a37035426b260d8efcde7b9dd3869ce
3385573ee81f80a2bc4fa3a602c8defe89cb7abd8e2a8229ab93b3f80134a849
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/portfolio-elementor/vendor/simplelightbox/dist/simple-lightbox.min.js?ver=20151218 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543da5-2033-5df618f7ad7c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 3027
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4
68.66.216.56 200 OK 15 kB URL HTTP/2 tesu.rw/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (62161)
Hash 3e3cbc4a64027d9fdb17c900353372ba
3a8dac461ade65ffd99f637a63d1c185747db2dc
0d03072ead9234e1e1565425195cdac3f727a3da2eb2afad322ddd902f3aa5da
GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c6e-f3e8-5df618d8fe1ba-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 15286
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
68.66.216.56 200 OK 4.2 kB URL HTTP/2 tesu.rw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 68.66.216.56:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229ab-2bd8-5df62b9229298-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 4169
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1
68.66.216.56 200 OK 9.9 kB URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1
IP 68.66.216.56:0
File type ASCII text, with very long lines (32019), with CRLF line terminators
Hash 848c28a251c2b0eac275f8ca8838dd8f
99294056a299ef2f01da5b41178b92932fecdac1
9aea1cb64554ca7d7751e016067b126c0bbee5dc9d8843595c7cbf3bce9b40c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/isotope.pkgd.min.js?ver=2.0.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a14-8a80-5df618f78e3c2-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9855
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6
68.66.216.56 200 OK 7.6 kB URL HTTP/2 tesu.rw/wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6
IP 68.66.216.56:0
File type ASCII text, with CRLF line terminators
Hash 3ee14587c3766e22ef9f1f37bbbe25d3
f25b098ff61a932cf2f67a21be8fbcea4ee82160
d3e4846a105558f3b4bbbc94c05563560a49630e4e89d34135aafc8700aa2a81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/portfolio-elementor/modules/post-grid-module/vendor/isotope/js/packery-mode.pkgd.min.js?ver=3.0.6 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:55 GMT
etag: "7543a15-7fa7-5df618f78e7aa-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7649
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08-1.jpeg
68.66.216.56 200 OK 40 kB URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08-1.jpeg
IP 68.66.216.56:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Hash aedea9d0005ab482106b74876256fffa
f3505b90cc22a9d1ae33ec23abe7b66c0fa821d6
5a5fc23316660bb4c12ff3d608a007c6605f3df2ef231e72faf9b723a7cfc5f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08-1.jpeg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2019 09:19:22 GMT
etag: "752500c-9c00-58aa435985a80"
accept-ranges: bytes
content-length: 39936
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
68.66.216.56 200 OK 1.9 kB URL HTTP/2 tesu.rw/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
IP 68.66.216.56:0
File type ASCII text, with very long lines (5655)
Hash e8c23c97843b93a9dc82a910cc3a687d
9f8c22d7acb019fe953aa7c1439fbba83cc464de
498e67b90b4f34cf82e814230c9b81f5f019724382bd6b42c3f03d8fdab02044
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:17 GMT
etag: "7522948-163a-5df62b99783be-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1869
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
68.66.216.56 200 OK 7.0 kB URL HTTP/2 tesu.rw/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 68.66.216.56:0
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash 3d97cdcc7f05c2b5782d39b135850bc3
d4427472e22221d71413745415a7b1e959da28f3
3b9a4010e3156a9143b38a24e91a5b34d898b1eeab165f49cda8c16212a968f7
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:17 GMT
etag: "7522983-4b3d-5df62b9981446-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7013
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2
68.66.216.56 200 OK 9.4 kB URL HTTP/2 tesu.rw/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2
IP 68.66.216.56:0
File type ASCII text, with very long lines (31132), with no line terminators
Hash 8b0f3d2f6a4fce952c2ce9edb6fedeb1
3c84e9b662d14c11c287ee3fd319ecc83c5e836a
ac030cb17cdb3ba05a796d7863e8ce4239da9fef5c7f5bffb7ff9f189f7da32d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.4.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "7544802-799c-5df6190756788-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 9401
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0
68.66.216.56 200 OK 872 B URL HTTP/2 tesu.rw/wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0
IP 68.66.216.56:0
File type ASCII text, with very long lines (1713), with no line terminators
Hash 4adc658d402a2c0976b369c9e943e55c
e02f490b57aab672851608efa137014391b2c04e
1eeb3ac5f14869f7f7a8c29512b20fd07d85c873fc45ea6f2999148f52f8d9d0
GET /wp-content/plugins/wpforms-lite/assets/js/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "75447db-6b1-5df6190752908-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 872
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41
68.66.216.56 200 OK 11 kB URL HTTP/2 tesu.rw/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41
IP 68.66.216.56:0
File type ASCII text, with very long lines (4122)
Hash d6e3e043d12b29ec97b02f0c35842e22
118ef46fb4d48432c06bffd049be4c189b63e413
eb97765ab98991ecce3ec391ae0f9dc63901f39cf272e2f7e2f966d4a2c15acd
GET /wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.41 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c52-9cd0-5df618d8fc27a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 10912
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
68.66.216.56 200 OK 3.3 kB URL HTTP/2 tesu.rw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 68.66.216.56:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 4ac0d5ab8d83806d59c4e1f7bf0a855a
81153a2f5e3a21febe9ede53c9f0073da3e14829
605fd4e7f4d3fbb5505bb81e3f72c685b6ef411c27cde2f7bab2787c3d870b10
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:54:44 GMT
etag: "75439ef-25f8-5df62becded08-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 3286
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/download-manager/assets/css/front.css?ver=5.9.4
68.66.216.56 200 OK 12 kB URL HTTP/2 tesu.rw/wp-content/plugins/download-manager/assets/css/front.css?ver=5.9.4
IP 68.66.216.56:0
File type ASCII text, with very long lines (482)
Hash fa54c063be67257ec362c58274eda485
124588af9a6f59541060b7ca4f5c7e69917d23d9
3f0e7bd24a26576333f457014e8b9988ff7054d98db493bb52eb75eac864fd50
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/download-manager/assets/css/front.css?ver=5.9.4 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:29:23 GMT
etag: "7543c46-10020-5df618d8fab0a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 11784
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
68.66.216.56 200 OK 6.0 kB URL HTTP/2 tesu.rw/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 68.66.216.56:0
File type ASCII text, with very long lines (16116), with no line terminators
Hash aaee2fe5e25c2eaf22e67a858e8444e3
d4ca7ed8e3e683326d3da2180aa1c5c68256a42c
0b874a1f3cd4cbe9d344b3eb17e202f382085be6d404801b63f2fa966ffd3c5a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229ae-3ef4-5df62b922a238-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 5956
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/masonry.min.js?ver=4.2.2
68.66.216.56 200 OK 7.4 kB URL HTTP/2 tesu.rw/wp-includes/js/masonry.min.js?ver=4.2.2
IP 68.66.216.56:0
File type ASCII text, with very long lines (23966)
Hash d56e5016a4d65d6d654add02bee3f792
9238046ef54c80e04b940f86683ea33cf44d40c1
6f1a28f0ef5ad427f7d99aecc29db61d8eb25190d5eb5e539c524c916d1442f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "75229fd-5e4a-5df62b923b3a7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7382
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3
68.66.216.56 200 OK 7.8 kB URL HTTP/2 tesu.rw/wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3
IP 68.66.216.56:0
File type Unicode text, UTF-8 text, with very long lines (24292)
Hash 77070b1f5f2bebbb9e4a2e8fc8f534c8
7b3517e54d001fd84e4bf41d8405f6e7fff1e886
1086db35c3ef92c049541a01e5c08af303f1911c37865c54959841b5438017a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wpforms-lite/assets/js/jquery.validate.min.js?ver=1.19.3 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 18:30:11 GMT
etag: "7544803-5f6e-5df6190756788-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7849
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109
68.66.216.56 200 OK 16 kB URL HTTP/2 tesu.rw/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109
IP 68.66.216.56:0
File type ASCII text, with very long lines (34446)
Hash c1bc4c79ebdcd3babcffd9ddd8a16cd4
2c21a22c24262751a45e9b761815c5b4727288dc
64fcf4d6d0520284485bce7f41675350b12401662fcf5df146b6784b57c2a7ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:25 GMT
etag: "75449de-19358-5df62e176bf3a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 15933
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1
68.66.216.56 200 OK 17 kB URL HTTP/2 tesu.rw/wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1
IP 68.66.216.56:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash c8c30461603b9cffd4b9e2ab01e061f7
852ed9fe16e68668e1395ae094335abb5f0c64de
3d1edaa47f506cc0559d05ad0d9142c4f2687788044cce600e83401154a245a1
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=10.9.1 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:55:15 GMT
etag: "7547c05-151d1-5df62c0a28879-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 16583
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/themes/mesmerize/style.min.css?ver=1.6.109
68.66.216.56 200 OK 25 kB URL HTTP/2 tesu.rw/wp-content/themes/mesmerize/style.min.css?ver=1.6.109
IP 68.66.216.56:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ec70c8552905a32856ba415d1b80ba17
e6d22ed6c1c0fd88b27bf13840150f1ae62107cf
8498e7b8655565fe6355237545dd5e0e9fec942360518b30d2d055ab747dda6a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/mesmerize/style.min.css?ver=1.6.109 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:23 GMT
etag: "75449c9-2c35f-5df62e1580fd9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 25053
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
68.66.216.56 200 OK 31 kB URL HTTP/2 tesu.rw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 68.66.216.56:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:53:09 GMT
etag: "752212e-15db1-5df62b922a238-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 30908
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.9.4
104.21.63.54 200 OK 28 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/css/all.css?ver=5.9.4
IP 104.21.63.54:0
File type ASCII text, with very long lines (51030)
Hash 0dfb8d09492969526859abaf2546081b
33a3cedac274099ebc316a773726e84dc33718fe
3278e2671a6515a0c11408fe4f3026447dbaa923ea1a95a79dba47de300e1105
GET /releases/v5.5.0/css/all.css?ver=5.9.4 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 19:36:46 GMT
content-type: text/css
x-amz-id-2: Z0WDJ7pzZtSO6zGehD0E2LVjPm5CkXCRC+K/XoarVhJu0A4rti7InvhEA/J4VctU/wrfHBU+pHM=
x-amz-request-id: MKR4J2EAAYKKMRWZ
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 773636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma0cVYvy%2F21UEdBIZ%2Fb1XdUMx%2B04BASDqDS%2FfCdT664SMR5JSIo8FB9Gsmah09obVsNQ3qxUtcyd7XWhj96atOBkvRJzV5zl0jUnUvdpMTzhKHXczkDhc3FRglCOskltoHZvdJ42"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a228bc80db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tesu.rw/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109
68.66.216.56 200 OK 23 kB URL HTTP/2 tesu.rw/wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109
IP 68.66.216.56:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e4ab48cae3c87c0dc19d1e04d1c714eb
c538332f898b9a10f11c5488dfde1a328a761d57
c37f8f8e38dfab189d85d16b0fac339bfc0f845dc0b1da27331b4be3bf9e970d
GET /wp-content/themes/mesmerize/assets/js/theme.bundle.min.js?ver=1.6.109 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:26 GMT
etag: "75449ef-14b10-5df62e176da92-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 23293
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-download-4-1.jpg
68.66.216.56 200 OK 7.8 kB URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-download-4-1.jpg
IP 68.66.216.56:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 183x183, components 3\012- data
Hash a924f4e452ef8d8b98dd8d24d6645610
79328d2af4ace80551cf3b9f6a8d7785fac529d2
02a3682cbfa26c6650aa2575021cbe245b3bd57f4b24f7a9de0a24f8f012f34d
GET /wp-content/uploads/2019/06/cropped-download-4-1.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2019 06:58:01 GMT
etag: "7524fea-1ed6-58a7a0067d040-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7772
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-3.png
68.66.216.56 200 OK 8.8 kB URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-3.png
IP 68.66.216.56:0
File type PNG image data, 230 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f99d161023f14ec7ee234c4770074cf
bbb790ffee539f214e86720078d78acc039694aa
093abc2c21d7a1e0139503b091c95a72c666626fcc2b603db2c223e0640a9413
GET /wp-content/uploads/2019/06/cropped-partners-2-3.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 02 Jun 2019 10:58:02 GMT
etag: "7524ff6-23dd-58a551f16e280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 8751
content-type: image/png
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-5.png
68.66.216.56 200 OK 14 kB URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-5.png
IP 68.66.216.56:0
File type PNG image data, 341 x 236, 8-bit/color RGBA, non-interlaced\012- data
Hash 815e82a8c834d465e35d7635acf92b3a
15d7ff32e9576bec6fb74199e366ae02fc6f5b7f
e44b934f751aa31457c87ebec23e200a0896ad6f9c542a271835423e4e4e2d1d
GET /wp-content/uploads/2019/06/cropped-partners-2-5.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 02 Jun 2019 10:58:42 GMT
etag: "7524ffd-39a8-58a5521793c80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 14115
content-type: image/png
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08.jpeg
68.66.216.56 200 OK 40 kB URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08.jpeg
IP 68.66.216.56:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 600x600, components 3\012- data
Hash aedea9d0005ab482106b74876256fffa
f3505b90cc22a9d1ae33ec23abe7b66c0fa821d6
5a5fc23316660bb4c12ff3d608a007c6605f3df2ef231e72faf9b723a7cfc5f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2019/06/cropped-WhatsApp-Image-2019-06-05-at-03.18.08.jpeg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 06 Jun 2019 09:18:36 GMT
etag: "752500f-9c00-58aa432da7300"
accept-ranges: bytes
content-length: 39936
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131
68.66.216.56 200 OK 7.9 kB URL HTTP/2 tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131
IP 68.66.216.56:0
File type ASCII text, with very long lines (34940)
Hash b3d3990d965d0cb6b994c46eccc96ca9
7450cd7ff9260eb03bc9b004cee4be79ab5d310f
7ad8353ad88c6c303a0aa0699b371a9e8c34f23a097b4062b39367bf957400b2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:55:22 GMT
etag: "754417a-887d-5df62c118e8ce-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 7927
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
68.66.216.56 200 OK 78 kB URL HTTP/2 tesu.rw/wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 68.66.216.56:0
File type gzip compressed data, max compression\012- data
Hash b3bce5c322a3a4da082b96f849c3a6e3
e920eb6fb71670c4b88f1287dfbe67c738bf141b
3b21cd1a2e267cfd8dc6523361451d7bbf9a4876a6f94f185866d5a2f8eabe85
GET /wp-content/themes/mesmerize/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tesu.rw/wp-content/themes/mesmerize/assets/css/theme.bundle.min.css?ver=1.6.109
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 20:04:25 GMT
etag: "75449d4-12d68-5df62e176a3e2"
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tesu.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 06:19:53 GMT
expires: Fri, 08 Sep 2023 06:19:53 GMT
cache-control: public, max-age=31536000
age: 47814
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tesu.rw
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 08:31:01 GMT
expires: Wed, 06 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 212746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 19:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tesu.rw/wp-content/uploads/2019/06/cropped-1-1-32x32.png
68.66.216.56 200 OK 1.3 kB URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-1-1-32x32.png
IP 68.66.216.56:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e163de32dc0b95f81dd625299ccb541
96e9603a982951474a59dd689727c56af345e29f
3177506f1da0c961724712672b387aed15b2d5f707b850256a6a34e6c80adbf5
GET /wp-content/uploads/2019/06/cropped-1-1-32x32.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 08:52:57 GMT
etag: "7524fde-525-58a677d990c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 1340
content-type: image/png
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-1-1-192x192.png
68.66.216.56 200 OK 17 kB URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-1-1-192x192.png
IP 68.66.216.56:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f5b0e095617a30289d7e58d34f17fa73
2e178a9a37a61024c50afbe4a7ff0ebac6f5843a
b9dcb778d6332118bd03def1fbfc26380d1aa7bf4e836476ef7bce03e16c58d1
GET /wp-content/uploads/2019/06/cropped-1-1-192x192.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 08:52:57 GMT
etag: "7524fdb-41f8-58a677d990c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 16678
content-type: image/png
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24e43bc53a0b047911cff00ad4b72320
f6ef30b5df0e634c3a3f607d751e738e55a276c9
7e1406b2101c912e72f37f0257128574079e618c1af83e360acb3f29b4d44d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6df26b-97aa-461c-9f22-c5c9496b5701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8705
x-amzn-requestid: ccc5b695-35b5-49fd-b938-296a88a78ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9TgFOiIAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-12e809c767cdbba61492187c;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: W4siV0rqMGbs2Z7TiD3PvD2j2ErD69gIbIDY2N3RInKx61vDyRTxXA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:55:10 GMT
age: 78101
etag: "f6ef30b5df0e634c3a3f607d751e738e55a276c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 675756a44be6f9bbe341fa4c866c941b
6502050805e53baeb44d82e55d4b15b82e34d2eb
cd1d16b5feefddfd89ac4bfcff21e80c49f07b0428aa57e8de365974f813e755
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8820
x-amzn-requestid: e2c909d0-f781-48e6-805e-a43940e67c4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG_LpG1OIAMF_8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319124a-37f3458a2905bd947cf01f93;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:51:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BEn2J8F8SsnyrLeWv5W6QDPn21ZjNXH3I0B2kUJYpgdMVp-88pb5rw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:34 GMT
age: 76758
etag: "6502050805e53baeb44d82e55d4b15b82e34d2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-IMG_20190409_095931_8-2.jpg
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-IMG_20190409_095931_8-2.jpg
IP 68.66.216.56:0
GET /wp-content/uploads/2019/06/cropped-IMG_20190409_095931_8-2.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 07:06:17 GMT
etag: "7525248-3dff1-58b2f2a96efc7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/mockup-863469.jpg
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/mockup-863469.jpg
IP 68.66.216.56:0
GET /wp-content/plugins/mesmerize-companion/theme-data/mesmerize/sections/images/mockup-863469.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/wp-content/plugins/mesmerize-companion/theme-data/mesmerize/assets/css/companion.bundle.min.css?ver=1.6.131
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 19 May 2022 19:55:22 GMT
etag: "754414c-45b6c-5df62c118ae37-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/10/Untitled-design-2.png
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/uploads/2019/10/Untitled-design-2.png
IP 68.66.216.56:0
GET /wp-content/uploads/2019/10/Untitled-design-2.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 12:18:58 GMT
etag: "7521f6b-191641-5961fbcc55ccc-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/png
date: Thu, 08 Sep 2022 19:36:52 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-8.png
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-partners-2-8.png
IP 68.66.216.56:0
GET /wp-content/uploads/2019/06/cropped-partners-2-8.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 02 Jun 2019 10:59:42 GMT
etag: "7525006-9b51-58a55250cc380-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-length: 39027
content-type: image/png
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/06/cropped-420-Raffle-1-5.jpg
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/uploads/2019/06/cropped-420-Raffle-1-5.jpg
IP 68.66.216.56:0
GET /wp-content/uploads/2019/06/cropped-420-Raffle-1-5.jpg HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 07:07:17 GMT
etag: "752524f-1003c-58b2f2e29b84b-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/jpeg
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1662665805
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1662665805
IP 68.66.216.56:0
GET /wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1662665805 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 19:00:03 GMT
etag: "7521f37-875fe-5cc0d4e451050-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: text/css
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805
IP 68.66.216.56:0
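Analyzer Verdict Alert: fortinet — Phishing. Note: this entry records a 0 B body and lists no file hashes, so the verdict cannot be checked against the script's content from this record alone.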
GET /wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1662665805 HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 19:00:03 GMT
etag: "7521f49-fe0d2-5cc0d4e455e70-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: application/javascript
date: Thu, 08 Sep 2022 19:36:46 GMT
server: Apache
X-Firefox-Spdy: h2
tesu.rw/wp-content/uploads/2019/10/PUM_HENNEKE.png
68.66.216.56 200 OK 0 B URL HTTP/2 tesu.rw/wp-content/uploads/2019/10/PUM_HENNEKE.png
IP 68.66.216.56:0
GET /wp-content/uploads/2019/10/PUM_HENNEKE.png HTTP/1.1
Host: tesu.rw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tesu.rw/
Cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 10:33:42 GMT
etag: "7521f5b-1bcd44-5961e444405a9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=604800, public
content-type: image/png
date: Thu, 08 Sep 2022 19:36:47 GMT
server: Apache
X-Firefox-Spdy: h2