r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5414
Expires: Thu, 01 Sep 2022 05:21:44 GMT
Date: Thu, 01 Sep 2022 03:51:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 03:26:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RUF9eMmB_jUZUE_C865kJr9Nhi8S62HxLCOfV5STbiy4p7nmCn7TQg==
Age: 1475
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: w-s9UCvacBQllRtv0ohMmPmYP9SAptEkNiwFQUJ9Ap1S2zD2qzTEdg==
age: 9374
X-Firefox-Spdy: h2
www.wanuziamarcks.com/BDO/sso/login.php
107.161.182.91 301 Moved Permanently 255 B URL HTTP/1.1 www.wanuziamarcks.com/BDO/sso/login.php
IP 107.161.182.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c006f56a025655205249fa2cdf2c98be
b529043b77719c65378b5f4cd10df6fe6327bf88
61ef1508ce97f261c8d2713ab0765a088a4b877cceba4451718d0939274ccb86
Analyzer Verdict Alert openphish BDO Unibank
fortinet Phishing
GET /BDO/sso/login.php HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 04:06:57 GMT
Server: Apache
Location: https://www.wanuziamarcks.com/BDO/sso/login.php
Content-Length: 255
Connection: close
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 03:51:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 02:57:05 GMT
Expires: Thu, 01 Sep 2022 03:52:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cmn2nXv5oYa2J3YSuyNufziyQaRSZackmAXY2L8Ea0zmEq7TqBpJBQ==
Age: 3265
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 359
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:51:30 GMT
Last-Modified: Thu, 01 Sep 2022 03:45:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.228.207.167 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: h9DwSaKjn3xoyiYp8x1V1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EtnNcAR7KzD+0vcAtQG6s0DNQlg=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19048
Expires: Thu, 01 Sep 2022 09:09:00 GMT
Date: Thu, 01 Sep 2022 03:51:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19048
Expires: Thu, 01 Sep 2022 09:09:00 GMT
Date: Thu, 01 Sep 2022 03:51:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19048
Expires: Thu, 01 Sep 2022 09:09:00 GMT
Date: Thu, 01 Sep 2022 03:51:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19048
Expires: Thu, 01 Sep 2022 09:09:00 GMT
Date: Thu, 01 Sep 2022 03:51:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19048
Expires: Thu, 01 Sep 2022 09:09:00 GMT
Date: Thu, 01 Sep 2022 03:51:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:20 GMT
age: 22452
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb15bd7bc4dd59e28a1066c8e67751e
d0a18577ff979c34c4f1e45515542c8b12c8b0e3
e1297a01a214f262b14cd04ebaafd913e4c9f09bd86dbeac600db57f39f51077
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35c8a1f0-6f7f-4b0f-baea-84eaeec25782.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10508
x-amzn-requestid: ff89b1da-4384-4787-844f-a7a65fb20b51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdacUE8tIAMF3QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308711b-7d09607973e1755d34aa0184;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:07:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f5RXilXHrfdz2NOuDKn7vHXcpiqi-dPc5ig0OqEP3Playiz3DT4tgg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 13:08:33 GMT
age: 52979
etag: "d0a18577ff979c34c4f1e45515542c8b12c8b0e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494ba0180ab4b2b80ca11aeb67ae69ab
2082e9f809e97bbcaf6ff11846398aca472f9f0f
c6a707e79315677912fa7cf6ab592abf4377aa76e51ae5149d4bae7e663d6801
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff48464b4-ee99-46c1-8a3e-aa01e1b670f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: bd49a4c9-205b-4553-90a3-308ebc6be818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4hOHzVoAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd46e-783de8c2461d7cb9167f734e;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mDad6prX28HjnDw7hq0B9vE_BaX9qqrjaOo7A46jhu2S505prB5SJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:11 GMT
age: 22461
etag: "2082e9f809e97bbcaf6ff11846398aca472f9f0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3565104073de1cd27919a8ee68fe296e
5a6425a36ab00449593951fbd4bfba8e4194c217
d60f8a074d84ff44c5273da404fbc79438462a5786c54408ec938bd8ae80e2a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa854afe7-aed7-459f-b9d3-a92ee390f3f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8877
x-amzn-requestid: 3c9a7b05-f9f7-4b64-8812-6747130b4c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xi98yFNVoAMFjiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630aa9eb-64260de84540a2a135bc6eb0;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 23:34:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ocwse_hSdULpAVgkQWZv3w9_2yA2tsBgQYfIQoazl7ESv3FllkzvYQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:39:54 GMT
age: 22298
etag: "5a6425a36ab00449593951fbd4bfba8e4194c217"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0d8ed4b8bda662c244b9d26cf143147
151395a70faa075762664fc6cd52a65004b5c81c
49b381815612b7ecb021f243438aae99e399993d91fb38bf5d7bb3d357519d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382fbb98-12b7-491f-a8c7-63afff403010.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9152
x-amzn-requestid: 12c7a724-7c66-488e-b1c4-ac222ed4e5aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i5H6sIAMFRLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-0fc85d8539d761367b821823;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _j9qaEvy56YyK9qz0CaE2IO9_yEsoM7RIhO_5gddryb3pgOdOmH-OA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:15 GMT
age: 22457
etag: "151395a70faa075762664fc6cd52a65004b5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b14395b-3f2d-4aeb-b43c-253963035eaa.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b14395b-3f2d-4aeb-b43c-253963035eaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3091a7a992a2ad059e486d4e0d93c02
deec914bf1f10646d923db48ab3d4ec21af27381
8819908ab1f13fd13fe5980883502b6131ab74c2a716b8576d95e89b980df149
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b14395b-3f2d-4aeb-b43c-253963035eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8084
x-amzn-requestid: 743404c1-6c84-4232-9b7c-3cae4ebb3d4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3i5EeioAMFygw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2df-6e6460e844f676d671797ff0;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4sryJq3FD4jgCCkSjTSMMpvOJ3k9V6i3tF2Pd8dXyqDw7cmnojV0KQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:47:20 GMT
age: 21852
etag: "deec914bf1f10646d923db48ab3d4ec21af27381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.wanuziamarcks.com/BDO/sso/login.php
107.161.182.91 404 Not Found 47 kB URL HTTP/1.1 www.wanuziamarcks.com/BDO/sso/login.php
IP 107.161.182.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8351), with CRLF, CR, LF line terminators
Hash e1037667f00b8d3ae1d820854301c5cd
54c2b6118a268bd8a0592e7aaa450f2a527be965
a2cd96c2457b89ce2ccbfb08ca8692bef223f924af9f43b4a8551c9dcdd75b94
Analyzer Verdict Alert openphish BDO Unibank
fortinet Phishing
GET /BDO/sso/login.php HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Thu, 01 Sep 2022 04:06:57 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.wanuziamarcks.com/wp-json/>; rel="https://api.w.org/"
X-TEC-API-VERSION: v1
X-TEC-API-ROOT: https://www.wanuziamarcks.com/wp-json/tribe/events/v1/
X-TEC-API-ORIGIN: https://www.wanuziamarcks.com
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:51:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:51:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/style.css?ver=1.0.0
107.161.182.91 200 OK 5.4 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/style.css?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with CRLF line terminators
Hash 890f88cb223169e3d222be679085a6f1
d02a80d14b18561817caba60dd317e29496c2b33
74283d83c887db69e8c86f6fc90a1b5a840ddfc3c96b57900c8e4f25df0c7afa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/style.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:06:59 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 5425
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/plugins/timetable/style/jquery.qtip.css?ver=6.0.2
107.161.182.91 200 OK 13 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/timetable/style/jquery.qtip.css?ver=6.0.2
IP 107.161.182.91:0
Hash a96667dfd862a27bd55fb21fbde76748
4f7133ea95a35e3173f02c47526c2c2b3ed3786b
556855d3e3e714c0a57453c8bdc4710be317df46e004c6a7c9fbb516f7a49c21
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/timetable/style/jquery.qtip.css?ver=6.0.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:06:59 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:11 GMT
Accept-Ranges: bytes
Content-Length: 12681
Connection: close
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 888b942029507a51149d121a3240e9d6
93590a3ac3a943506798dba597335cb144a5795d
7d358a347c38b06733ae7e7eae5a02f583d0d3db2a241bf427dff2588d7c6c1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:51:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.wanuziamarcks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
107.161.182.91 200 OK 19 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:06:59 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 18:25:09 GMT
Accept-Ranges: bytes
Content-Length: 18617
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
107.161.182.91 200 OK 60 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
IP 107.161.182.91:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 6965137b6996c7953be805866df582ed
7fa546bdc941a31224fcc0b64c75d30f23630583
b86f3cdcccad303cb5300fab4d2774eafc3a2788f07ff1f3cd1953dd0debaa3f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:06:59 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 60053
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/adaptive.css?ver=1.0.0
107.161.182.91 200 OK 34 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/adaptive.css?ver=1.0.0
IP 107.161.182.91:0
Hash 3f8def3b780266b9f9be16cfe49249e0
15b9df7b54f2e477a72b0e03c3e5f9d02a688350
a90f73ffb92868f1fe7e8384d32cc21dd22e8117f3ca6dd4c960843b8c8c97a5
GET /wp-content/themes/_wanuziamarcksV1b/css/adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:06:59 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 34199
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/retina.css?ver=1.0.0
107.161.182.91 200 OK 812 B URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/retina.css?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with CRLF line terminators
Hash 8ae8e25a90ccf02534ac54d1169d78ec
34f0371f12a547dd80171a56ab9480ccba19e472
e9abecca82b088083c58b7ac742f075b6a310616e7caef14dad36d27e09f9f1c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/css/retina.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 812
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fontello-custom.css?ver=1.0.0
107.161.182.91 200 OK 2.6 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fontello-custom.css?ver=1.0.0
IP 107.161.182.91:0
Hash ef9d8414c9f9ef7749d1f584a5585eab
f6aeb95898715a73535a4ce222e4db12218c27f3
3ac03ad90536a13129aec0af6dd8918af1afb17b3a63b1bffc685772e0f28962
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/css/fontello-custom.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 2579
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/style.css?ver=1.0.0
107.161.182.91 200 OK 246 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/style.css?ver=1.0.0
IP 107.161.182.91:0
Size 246 kB (246541 bytes)
Hash 8bccd96b097b7e21c19d291a25efb071
47b8d2bb3725ca9673938ad5b1dd4de80636bfaa
3ce58b3cb55e3c6ce3c58c264afbfaa8576a08a48172e23cb885eeebaed3b07e
GET /wp-content/themes/_wanuziamarcksV1b/css/style.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:06:59 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 246541
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fontello.css?ver=1.0.0
107.161.182.91 200 OK 70 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fontello.css?ver=1.0.0
IP 107.161.182.91:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 5891c29ac6382f7ba5b2cf270628d89d
1d6a4ac7291bf43e05a3e8bb147b9a5abf695a39
a2b0309fb2a729a92846791a1a665c1451192a030539a10bf70fc94d129555dd
GET /wp-content/themes/_wanuziamarcksV1b/css/fontello.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 70419
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-donations/css/cmsmasters-donations-style.css?ver=1.0.0
107.161.182.91 200 OK 26 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-donations/css/cmsmasters-donations-style.css?ver=1.0.0
IP 107.161.182.91:0
Hash 5b813d5a742c4ab33bdb410e267fcc47
c248003ac368ef3986ada442dd9900442ba0ffd6
268b92c5e30160efd1482c4ab1c071388ce2169a213a1139fec963eb8de95a84
GET /wp-content/themes/_wanuziamarcksV1b/cmsmasters-donations/css/cmsmasters-donations-style.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 26403
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-donations/css/cmsmasters-donations-adaptive.css?ver=1.0.0
107.161.182.91 200 OK 5.9 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-donations/css/cmsmasters-donations-adaptive.css?ver=1.0.0
IP 107.161.182.91:0
Hash 2e51ebc7c2b62f41de55489db47fd848
29e083c29fa90ab32decddf6b1dcf0cb4c77f52e
a3048966e9dc164e3c07c6c8d9b9f9fa1f74d553234310f73674f0de2b80f913
GET /wp-content/themes/_wanuziamarcksV1b/cmsmasters-donations/css/cmsmasters-donations-adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 5874
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/animate.css?ver=1.0.0
107.161.182.91 200 OK 65 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/animate.css?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with very long lines (460), with CRLF line terminators
Hash 5ab740c699c50679b96fcc733e59ca83
ccf7ca86fba90036854211b30282e9247d914351
46b3384b6e781d42a2e1f1257cda8c1924ac02404387c34f29369c42dd3300c1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/css/animate.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 64560
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-events-adaptive.css?ver=1.0.0
107.161.182.91 200 OK 8.9 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-events-adaptive.css?ver=1.0.0
IP 107.161.182.91:0
Hash a1c45e75e2159efbc274741f1de90aa8
65bfacea62b7da5e50860dacd3d0843f3bc54c25
c8168fce3205c5b278e35df595a8ceec50769fdcc168a10a1561620c2c0f6ea5
GET /wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-events-adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 8857
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-events-style.css?ver=1.0.0
107.161.182.91 200 OK 65 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-events-style.css?ver=1.0.0
IP 107.161.182.91:0
File type assembler source, ASCII text
Hash 083b994c8674c68f0f80e1c13aceaed3
a6f71070d2d3cd8f99deb3818405fb8cffb4e5f9
0818d00d24ef5070af46bf23760f3a0b9f81232230c56b8cac21b348212f5436
GET /wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-events-style.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 65433
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-timetable-style.css?ver=1.0.0
107.161.182.91 200 OK 24 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-timetable-style.css?ver=1.0.0
IP 107.161.182.91:0
Hash 900a2d5d11290b37c31c3e5e73ea8c30
12d225f76b84d1ab4155b541af0f9537f0e7c156
966027da21b3d8e9c19f5b495e46f80706a8d4d60a4dd58055376430968a0425
GET /wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-timetable-style.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:00 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 23898
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-timetable-adaptive.css?ver=1.0.0
107.161.182.91 200 OK 3.1 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-timetable-adaptive.css?ver=1.0.0
IP 107.161.182.91:0
Hash 39fac317eaf6f8bc68e6eb5dafb331f9
e71527b46493ce6aa7048522f2568416a29f7a95
c5e79ada1682750657f5cc45711fedef691411f5f3ea1fb4077942e4f4bda0f8
GET /wp-content/themes/_wanuziamarcksV1b/css/cmsmasters-timetable-adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 3098
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/ilightbox.css?ver=2.2.0
107.161.182.91 200 OK 8.5 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/ilightbox.css?ver=2.2.0
IP 107.161.182.91:0
File type ASCII text, with very long lines (446), with CRLF line terminators
Hash 2f1735bc7ee7d5c104eb1338616ac532
8cd4d3cee3b26841490edde2c61308c4545954bd
0d8ca0bc4092b871bedcd46fbe52532c4e1c7791b04c29e4f42e84f2aeb7c3f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/css/ilightbox.css?ver=2.2.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 8482
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/ilightbox-skins/dark-skin.css?ver=2.2.0
107.161.182.91 200 OK 8.1 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/ilightbox-skins/dark-skin.css?ver=2.2.0
IP 107.161.182.91:0
File type ASCII text, with CRLF line terminators
Hash 1737700b09d920ff6014396e83e1bc81
2bce3a1be6a7e8b48b6b0af34ead8717991abbb1
fcf78df019add3e3ef358c180d967b65e4b5a823bc6f0fa407da7c9578ece2db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/css/ilightbox-skins/dark-skin.css?ver=2.2.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 8078
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
107.161.182.91 200 OK 11 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 18:25:13 GMT
Accept-Ranges: bytes
Content-Length: 11224
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/gutenberg/css/frontend-style.css?ver=1.0.0
107.161.182.91 200 OK 40 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/gutenberg/css/frontend-style.css?ver=1.0.0
IP 107.161.182.91:0
Hash 9dffd6549023604fdf4855700c2742b0
a6c2a48f0b94ccdf78521c3fe7b982c057b837d7
5f8a4e64f4f6559e5d39f5fa3fa5695d2a33f6ce99e95923c56d83844a1260c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/gutenberg/css/frontend-style.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 40408
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/plugins/the-events-calendar/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css?ver=5.16.4
107.161.182.91 200 OK 16 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/the-events-calendar/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css?ver=5.16.4
IP 107.161.182.91:0
File type ASCII text, with very long lines (16264)
Hash 047ed4fc0f2919782f116f451622098b
c2d213e2c98262e3d92d8c2fe72c786de9eb776e
9c035d8b5700deffd13fd18f59689985addc3658edcc0c439dca7e0352cb993e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/the-events-calendar/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css?ver=5.16.4 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 18:27:48 GMT
Accept-Ranges: bytes
Content-Length: 16452
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
107.161.182.91 200 OK 90 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 107.161.182.91:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 18:25:15 GMT
Accept-Ranges: bytes
Content-Length: 89521
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/uploads/cmsmasters_styles/my-religion.css?ver=1.0.0
107.161.182.91 200 OK 449 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/uploads/cmsmasters_styles/my-religion.css?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with CRLF line terminators
Size 449 kB (449071 bytes)
Hash 5d16c7ee49d4531e349ac6b70ec1afe9
5a2e33bbc91097dd09bd64da64af0c0d38f0f8e9
0d583a16702f4261ef5444b8c276e869724973e5f5b22ecd648f4355e87a700c
GET /wp-content/uploads/cmsmasters_styles/my-religion.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 449071
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
107.161.182.91 200 OK 123 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (65315)
Size 123 kB (122981 bytes)
Hash 7564e6d9ca44f30e2eab9cb3a9ddd90e
e2e34ec71d114f962934587243a69f728d0bcc83
7c75af381f475e4d79a419759d08dea7aaae05d5a86abcca727e369b2d7b0b34
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=6.11.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 122981
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
107.161.182.91 200 OK 22 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2
IP 107.161.182.91:0
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash 35f5e5a982eb8794d7de9225a4e59392
9b5965f64f6a9e64e4d06da8ca7d82da8d297c5d
080ffc54588298b3c11323b2a353ca75ca830a04fe534aee4b1f6fe7600562c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=6.11.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 21779
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
107.161.182.91 200 OK 129 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (65322)
Size 129 kB (129010 bytes)
Hash fd4b93e281369980ef3eece71aa5d787
a8af362ba9eb2042d7729f69db3aae98806f7bbd
c7fc9bacdf9cd4beb1f1dd26133f5058e3e3f553bac4c6017597845b4940bd2e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=6.11.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 129010
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
107.161.182.91 200 OK 119 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 107.161.182.91:0
File type ASCII text, with very long lines (41022), with CRLF line terminators
Size 119 kB (119386 bytes)
Hash 1eca6ed028850aa07d5f4a003fd7079e
1f02b8c5485108373bdd14a96bb1fe22d72e157b
9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:01 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 119386
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jsLibraries.min.js?ver=1.0.0
107.161.182.91 200 OK 21 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jsLibraries.min.js?ver=1.0.0
IP 107.161.182.91:0
File type HTML document, ASCII text, with very long lines (14852), with CRLF line terminators
Hash e52bb5b64ff05702fdfc3867ba467290
e2c69b6b985028802aca2eb3d380d72ea5114a5f
d22a23b695c88b4970b10150c9bf47db036d75dcd791d06814f0feaf3409a01d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/js/jsLibraries.min.js?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 20621
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
107.161.182.91 200 OK 22 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2
IP 107.161.182.91:0
Hash 1aecf6a8b61498b6418a123cc25afd22
b12b002eb6c991f205d8ea17fe9c29c56e00b721
2b5f00285b93abb875bec31fd7791fe409ed633b39156351b3ae6aabe035cef0
GET /wp-content/plugins/LayerSlider/assets/static/layerslider/css/layerslider.css?ver=6.11.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 21850
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
107.161.182.91 200 OK 327 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
IP 107.161.182.91:0
File type ASCII text, with very long lines (64268)
Size 327 kB (327000 bytes)
Hash 8a5702feb8810be04c356543d737724b
3385fcee5497e03be43e3bbd17e052bb533f3994
60f59e08903c3d0b70e928af542ded081c10a790b6c198c7026788b77f4256ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 327000
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jquery.iLightBox.min.js?ver=2.2.0
107.161.182.91 200 OK 54 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jquery.iLightBox.min.js?ver=2.2.0
IP 107.161.182.91:0
File type ASCII text, with very long lines (44871)
Hash bb9dbe6e039a37c5aeb39b3450596eee
5c2a06dea26ced6f2e10a80cef378fc2ad556937
9372a210dd335776eaa0dee9d4b350affd0038f0bcddb34c2865ee64816fdab9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/js/jquery.iLightBox.min.js?ver=2.2.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 54314
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/css/cmsmasters-sermons-style.css?ver=1.0.0
107.161.182.91 200 OK 5.9 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/css/cmsmasters-sermons-style.css?ver=1.0.0
IP 107.161.182.91:0
Hash ee61937fcbd8e02d63c4dc8869d9bfd7
09afc899d9c456c4fd87f6851836ce80df9d1f30
1ae6baaecc09fa46cb49ccc7b90f3c3a0d8d5438ac2340d856305109a92b9278
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/css/cmsmasters-sermons-style.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 5868
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/css/cmsmasters-sermons-adaptive.css?ver=1.0.0
107.161.182.91 200 OK 1.5 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/css/cmsmasters-sermons-adaptive.css?ver=1.0.0
IP 107.161.182.91:0
Hash 70c0a5f3d315c115dce2fad3714602e3
741b58188fa57baee87b731ed5695304df0085dc
754bfb77b691310a3c15393f33f02128d2795ef9b1478cab4c9107ff5e35d3be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/css/cmsmasters-sermons-adaptive.css?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 1455
Connection: close
Content-Type: text/css
www.wanuziamarcks.com/wp-content/plugins/cmsmasters-mega-menu/js/jquery.megaMenu.js?ver=1.2.7
107.161.182.91 200 OK 4.5 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/cmsmasters-mega-menu/js/jquery.megaMenu.js?ver=1.2.7
IP 107.161.182.91:0
File type ASCII text, with CRLF line terminators
Hash 55cbc15da332aaa127b086b6063fffc0
d6938fdb02582550ecde639eec1e34ac498406c4
321e739f6441d45cdbfdd69de77da1ddfac4786fcf5ff0909674064d77234d3e
GET /wp-content/plugins/cmsmasters-mega-menu/js/jquery.megaMenu.js?ver=1.2.7 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 4490
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/js/jquery.sermons-script.js?ver=1.0.0
107.161.182.91 200 OK 820 B URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/js/jquery.sermons-script.js?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with CRLF line terminators
Hash 47335956750a32ebd66fcbebc6ed9fb1
dfdabd28372efa86b316d3b39e89b19af630700a
17e15aa54d70e161db731e7524a938d733c323a817fef925c1ee87a506d2bc87
GET /wp-content/themes/_wanuziamarcksV1b/cmsmasters-sermons/js/jquery.sermons-script.js?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:02 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 820
Connection: close
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:51:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.wanuziamarcks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:26:57 GMT
expires: Thu, 31 Aug 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 30279
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e1a93e8c1857c6d3b244d14ff166ad5f
b85467e5e77a51099b6f25527c9885c75aeef344
8978f8d4b0ab30408ef69c42dcb528422b7bbabc2a87971d5aeb6b3080fafb4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 03:51:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.wanuziamarcks.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
107.161.182.91 200 OK 12 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 107.161.182.91:0
File type ASCII text, with very long lines (11760)
Hash 1d376be55e51aea00d432f6659d3e0d1
cc5b9f6fa12d0a90b38d3d6e918401c9ad26332b
34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 18:25:13 GMT
Accept-Ranges: bytes
Content-Length: 11937
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
107.161.182.91 200 OK 21 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 107.161.182.91:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Wed, 31 Aug 2022 18:25:13 GMT
Accept-Ranges: bytes
Content-Length: 20715
Connection: close
Content-Type: application/javascript
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.wanuziamarcks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 16:40:18 GMT
expires: Fri, 25 Aug 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 558678
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.wanuziamarcks.com/wp-content/plugins/timetable/js/jquery.ba-bbq.min.js?ver=6.0.2
107.161.182.91 200 OK 4.7 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/timetable/js/jquery.ba-bbq.min.js?ver=6.0.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (2697)
Hash 757fbeddff8f67f1f5f4d1211a54f860
9f1b4278154d94b7871ee831536585b6d8f7c9f0
785cf299c805ec5e17abfb1c1bb2f379b9076d7a6aa87000d5e22aa069896e7c
GET /wp-content/plugins/timetable/js/jquery.ba-bbq.min.js?ver=6.0.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:11 GMT
Accept-Ranges: bytes
Content-Length: 4673
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/timetable/js/jquery.qtip.min.js?ver=6.0.2
107.161.182.91 200 OK 44 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/timetable/js/jquery.qtip.min.js?ver=6.0.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (32049)
Hash e1933cf43209c6c5f1523056d0c376fa
1828d6b7f97548e43662c62ffd283e3bf8e2dd89
6be3d1ab735bc8adc6d3c0688a8f57ebec85887a53488adb13bbb366faa60da7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/timetable/js/jquery.qtip.min.js?ver=6.0.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:11 GMT
Accept-Ranges: bytes
Content-Length: 44303
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/timetable/js/timetable.js?ver=6.0.2
107.161.182.91 200 OK 24 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/timetable/js/timetable.js?ver=6.0.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (353)
Hash 4570d4663e18d4030b7d39bcec458798
b8201ae5455b3f30b0191998e073e72ce22daf37
ef5189420735e62cc24c711f5ab49ead9e20285eb26df24943a36284d95424f0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/timetable/js/timetable.js?ver=6.0.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:11 GMT
Accept-Ranges: bytes
Content-Length: 23850
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/plugins/timetable/js/jquery.carouFredSel-6.2.1-packed.js?ver=6.0.2
107.161.182.91 200 OK 36 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/plugins/timetable/js/jquery.carouFredSel-6.2.1-packed.js?ver=6.0.2
IP 107.161.182.91:0
File type ASCII text, with very long lines (35720)
Hash bfe456dc33fd691cb0b1a8e769a7bb76
f6a27038d4f75bf4859d4ff5f21b0e4fc25abac1
eaa462465ec59b2258510c9a99e2deb5fe375f3c8f779f08476270c9c1e4bad2
GET /wp-content/plugins/timetable/js/jquery.carouFredSel-6.2.1-packed.js?ver=6.0.2 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:11 GMT
Accept-Ranges: bytes
Content-Length: 36033
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/scrollspy.js?ver=1.0.0
107.161.182.91 200 OK 15 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/scrollspy.js?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with very long lines (564)
Hash 4abee35539677b5b6703fc66ec0ade71
0310dc050c4cf85102d5cf98a7db3060bfe79d7f
9e23f3989f41ce7a23158b418c9d93c8b08f339a2419a05ca3faf2a7c9701f16
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/js/scrollspy.js?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 14623
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jquery.tweet.min.js?ver=1.3.1
107.161.182.91 200 OK 7.7 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jquery.tweet.min.js?ver=1.3.1
IP 107.161.182.91:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (7318), with CRLF line terminators
Hash 87ecd461adc2844a95fffefab0c192f6
4ade0a7db8a3aa5c88223cf24a60486335529959
ed6c0fbb899228a7c922275eb7dd9401178c032c45c14c1fd660076699590b16
GET /wp-content/themes/_wanuziamarcksV1b/js/jquery.tweet.min.js?ver=1.3.1 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 7666
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jqueryLibraries.min.js?ver=1.0.0
107.161.182.91 200 OK 84 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jqueryLibraries.min.js?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with very long lines (12821), with CRLF line terminators
Hash 0ea533262aa2178b884bf1de64f23a76
fd115c6618b05d50cbfab6c25b16891f099059ba
998c873697a9357d063c7cdebd5f5b2b12e292868b5ad1352a039f8ae5bbbe13
GET /wp-content/themes/_wanuziamarcksV1b/js/jqueryLibraries.min.js?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 84219
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jquery.script.js?ver=1.0.0
107.161.182.91 200 OK 34 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/js/jquery.script.js?ver=1.0.0
IP 107.161.182.91:0
File type ASCII text, with CRLF line terminators
Hash 6f89722a4641879a04ddc913a94dc91a
3645930d302c611f7c96792b82c4128bd5be7034
acb805677305641012016e076d39d65034245c00553fb72a61427f5bed861c5a
GET /wp-content/themes/_wanuziamarcksV1b/js/jquery.script.js?ver=1.0.0 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 33857
Connection: close
Content-Type: application/javascript
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fonts/fontello-custom.woff?60241387
107.161.182.91 200 OK 4.5 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fonts/fontello-custom.woff?60241387
IP 107.161.182.91:0
File type Web Open Font Format, TrueType, length 4496, version 1.0\012- data
Hash e904e8f090fc4d8b552dd98da1ce5ac3
5c530cad7dd96cb0e49e0aee45904af2ef616504
998936720f3a0bd5e9540d628f9ee4e226c2ecff63218939bbc22569c9acbb84
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/css/fonts/fontello-custom.woff?60241387 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fontello-custom.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 4496
Connection: close
Content-Type: font/woff
www.wanuziamarcks.com/wp-content/uploads/2020/12/logo-wm-300x90.png
107.161.182.91 200 OK 22 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/uploads/2020/12/logo-wm-300x90.png
IP 107.161.182.91:0
File type PNG image data, 300 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 072ddea74886a22dcaf1fa1704a2573e
c8a600cacd6dbcac1fc4e96c00e0be99deddadb4
98753a8cf69bf447f03299df897caee2716603b8db85ccf0bffaa4ac3b2d90ad
GET /wp-content/uploads/2020/12/logo-wm-300x90.png HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:04 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 22401
Connection: close
Content-Type: image/png
www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fonts/fontello.woff?61757689
107.161.182.91 200 OK 131 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fonts/fontello.woff?61757689
IP 107.161.182.91:0
File type Web Open Font Format, TrueType, length 130584, version 1.0\012- data
Size 131 kB (130584 bytes)
Hash d43e4606fd9be47df1a8f71a1c1d43a4
a205b137b1365c4c7108f68b7c791cf8750e8c48
00b4afbe6cb75d57da853cda1c11b94ffbc3f3820822803ef826e19f8d46ad8f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/_wanuziamarcksV1b/css/fonts/fontello.woff?61757689 HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/wp-content/themes/_wanuziamarcksV1b/css/fontello.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:03 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 130584
Connection: close
Content-Type: font/woff
www.wanuziamarcks.com/wp-content/uploads/2020/12/favicon-70x70.png
107.161.182.91 200 OK 9.9 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/uploads/2020/12/favicon-70x70.png
IP 107.161.182.91:0
File type PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash e71b4d0a6e335818e0e981086eff594d
3b9bd12a77b886adfe4ec347fa99a0328947cdb5
3b4355354d13bda86d37a79a5082081aaac911bf7fbf68075d7b621d56955377
GET /wp-content/uploads/2020/12/favicon-70x70.png HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:04 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 9905
Connection: close
Content-Type: image/png
www.wanuziamarcks.com/wp-content/uploads/2020/12/favicon.png
107.161.182.91 200 OK 37 kB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/uploads/2020/12/favicon.png
IP 107.161.182.91:0
File type PNG image data, 147 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash fca3e91a3566cd00adf8753be8b6e1c2
7fc3543f0225f59a5b0ddcd0c46c85c1b9913751
95cafa8a0f0efc306fb19c47b8ab34e4b69cfd3cb36b78be5245f17b245c57ae
GET /wp-content/uploads/2020/12/favicon.png HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:04 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:10 GMT
Accept-Ranges: bytes
Content-Length: 37442
Connection: close
Content-Type: image/png
www.wanuziamarcks.com/wp-content/uploads/2016/07/06.jpg
107.161.182.91 200 OK 1.4 MB URL HTTP/1.1 www.wanuziamarcks.com/wp-content/uploads/2016/07/06.jpg
IP 107.161.182.91:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 1.4 MB (1438638 bytes)
Hash a44ede6a40a7bb7e49f250ee205eb0da
84f6d4ccb9c54ffc65b0d6f8e01fe9048d82f495
390c8cad22664407a177e21efc865cff2b210e20e1949a218af63d491aec3380
GET /wp-content/uploads/2016/07/06.jpg HTTP/1.1
Host: www.wanuziamarcks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/BDO/sso/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 01 Sep 2022 04:07:04 GMT
Server: Apache
Last-Modified: Mon, 04 Jan 2021 22:45:09 GMT
Accept-Ranges: bytes
Content-Length: 1438638
Connection: close
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7be4a52330d1dfc737e9d20e64d2aadb
4a7d5d62012de7275c34dfdc3a0fc2d06eff63df
fc6eaa423832b7916af6cd8b3c46a1565ba04f8073b1f9c8c29b7d7a0ab55c90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7424
x-amzn-requestid: d873cd60-ea9c-473d-962c-73a9ec707c60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj85EHZSoAMFSgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b0ea0-7c7815dc10ab7b8b444f89ff;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:43:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wJHY7X16ynGBokDQ_FXSKQU87cKaoZFAtVzhkAoZkgxB-noD3LLdJw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 05:01:24 GMT
age: 82215
etag: "4a7d5d62012de7275c34dfdc3a0fc2d06eff63df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A400%2C700&ver=6.0.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C700&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Lato%3A400%2C700&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 03:51:32 GMT
date: Thu, 01 Sep 2022 03:51:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Crimson+Text%3A400%2C400italic%2C700%2C700italic%7CSource+Sans+Pro%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic%7CMontserrat%3A400%2C700&ver=6.0.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Crimson+Text%3A400%2C400italic%2C700%2C700italic%7CSource+Sans+Pro%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic%7CMontserrat%3A400%2C700&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Crimson+Text%3A400%2C400italic%2C700%2C700italic%7CSource+Sans+Pro%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic%7CMontserrat%3A400%2C700&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.wanuziamarcks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 03:51:32 GMT
date: Thu, 01 Sep 2022 03:51:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2