r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13674
Expires: Thu, 08 Dec 2022 19:12:37 GMT
Date: Thu, 08 Dec 2022 15:24:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16693
Expires: Thu, 08 Dec 2022 20:02:56 GMT
Date: Thu, 08 Dec 2022 15:24:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 15:08:13 GMT
content-type: application/json
age: 990
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11069
Expires: Thu, 08 Dec 2022 18:29:12 GMT
Date: Thu, 08 Dec 2022 15:24:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S6y4DYb8Hnbt3/1QjMmlCl0vEdsA8UNlXWcvfyKEq7S7eH1Av+2fUirLT3xZ4g+64nf2NIC+IOQ=
x-amz-request-id: 9RGQWRS4NT59HAXC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 14:47:57 GMT
age: 2206
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:24:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 15:07:55 GMT
age: 1009
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4954
Cache-Control: max-age=155082
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:24:44 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:29:26 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
abctutorials.com/saturation076/
110.232.141.86301 Moved Permanently 0 B URL HTTP/1.1 abctutorials.com/saturation076/
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /saturation076/ HTTP/1.1
Host: abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: RCAUMnr=1; expires=Thu, 08-Dec-2022 18:24:44 GMT; Max-Age=10800
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: http://www.abctutorials.com/saturation076/
content-length: 0
date: Thu, 08 Dec 2022 15:24:44 GMT
server: LiteSpeed
push.services.mozilla.com/
54.191.210.155101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3cnIhJ95iptFD1Dee+hL3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lY9pzg9xiOqDTgNcZy3dUdUgfO4=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:24:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:24:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 56954
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 58848
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 58091
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EeYw3qxRNMEhtLkUrHQe5b1H_f2k-5BWSZV4LEZ9U64rqm7Addv_Dw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 06:56:32 GMT
age: 30494
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 57929
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 61882
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.abctutorials.com/saturation076/
110.232.141.86404 Not Found 4.8 kB URL HTTP/1.1 www.abctutorials.com/saturation076/
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820)
Hash b1c6f81d7cd9709bc1e05d5e8da46071
f33de72562d3634d712d5f961f7ee205f385dcf1
e867e76c651fccaba0161734ca76fffebba801f6dd7e609d03f215ca2b3b3862
Analyzer Verdict Alert fortinet Malware
GET /saturation076/ HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: RCAUMnr=1; expires=Thu, 08-Dec-2022 18:24:46 GMT; Max-Age=10800
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <http://www.abctutorials.com/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 08 Dec 2022 15:24:46 GMT
server: LiteSpeed
fonts.googleapis.com/css?family=Open+Sans:400italic,400,600,700|Nunito:400
142.250.74.106200 OK 898 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:400italic,400,600,700|Nunito:400
IP 142.250.74.106:0
Hash 1c52d09e8ea963fe6e6e9efd8c2bd78d
6812d7160fc08a161c3792f2159a710f47e4f5a9
7d9f1b8bc74e5c9f8ee687395b48f6f088a43e88130ab066a8add71efcacff13
GET /css?family=Open+Sans:400italic,400,600,700|Nunito:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 08 Dec 2022 15:24:47 GMT
Date: Thu, 08 Dec 2022 15:24:47 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.abctutorials.com/code/wp-content/themes/helpguru/css/style.css?ver=5.8
110.232.141.86200 OK 8.8 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/themes/helpguru/css/style.css?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (460)
Hash 73afbb99fed46d68dfca57990808d8d1
581514da7a24c8e16473a32eb2aa8270878481fc
9fdfca4274b4df5580c5baf1d3cc1b93ad55aa827ef20d6060d9de1c390eee30
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/themes/helpguru/css/style.css?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: text/css
last-modified: Mon, 22 Aug 2016 01:20:10 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8816
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-includes/css/dist/block-library/style.min.css?ver=5.8
110.232.141.86200 OK 10 kB URL HTTP/1.1 www.abctutorials.com/code/wp-includes/css/dist/block-library/style.min.css?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 915898ebd9c4735f3af4fe57348658a9
85d4bddc401bb373c291e46e617f9daa12e7883d
e25d0e73f89dc6245fde7c71d631bbec9f4c56d52a9a796af2e890ba1304605b
GET /code/wp-includes/css/dist/block-library/style.min.css?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: text/css
last-modified: Wed, 25 Aug 2021 05:56:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10496
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/themes/helpguru/css/ht-kb.css?ver=5.8
110.232.141.86200 OK 4.3 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/themes/helpguru/css/ht-kb.css?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (2410)
Hash b189305211b1da2ee4390e137ce7fedd
e628a5cfd8324a958702ddb358a2a0c5651348b7
b92ee4149446b82795b5a73d38b1ed0420dd761884efa71e69691b6db01bb40d
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/themes/helpguru/css/ht-kb.css?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: text/css
last-modified: Mon, 22 Aug 2016 01:20:10 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4277
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/themes/helpguru/inc/ht-core/libraries/font-awesome/css/font-awesome.min.css?ver=5.8
110.232.141.86200 OK 5.8 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/themes/helpguru/inc/ht-core/libraries/font-awesome/css/font-awesome.min.css?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (23577)
Hash 77ebcdd7443ed414c2bc7e68778631ae
272a01f93efbaac0bf97f4eccf41d7671d1807c3
8d27bcabbabda4da19bdbfed37be83ce44b2a197123fb0162729232c1dd52212
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/themes/helpguru/inc/ht-core/libraries/font-awesome/css/font-awesome.min.css?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: text/css
last-modified: Tue, 16 Aug 2016 03:04:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5771
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
110.232.141.86200 OK 4.2 kB URL HTTP/1.1 www.abctutorials.com/code/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Malware
GET /code/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: application/javascript
last-modified: Sat, 27 Mar 2021 02:25:08 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Styles/SyntaxHighlighter.css
110.232.141.86200 OK 1.1 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Styles/SyntaxHighlighter.css
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 0623294af283026a28200345de571e12
cfb33b1d25eaab8f7a29d9540163cbb88782af3e
c31475200f1f8b9c11c1a3c809c87268e8f4334f687a93be5298a0377f6451ef
GET /code/wp-content/plugins/google-syntax-highlighter/Styles/SyntaxHighlighter.css HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: text/css
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1080
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shCore.js
110.232.141.86200 OK 4.0 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shCore.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash e905601e840ebdd7d1dc34e13aca1da2
9de6697346a13ab8e7719492729d2d3609ad677f
44bb8bc8a688eb775a815308c154d5ae4a62e14740240f6ccbae74d8701e7ce8
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shCore.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3963
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCSharp.js
110.232.141.86200 OK 972 B URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCSharp.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 8930b380d0a264daa999b946d8f57ae7
9278206e4d30505fae2d6da2f385e26fc635bb17
a289c820475836e9da74c2f8d4ecef2ea780b818773d9da1b508157402aff267
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCSharp.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 972
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushPhp.js
110.232.141.86200 OK 1.8 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushPhp.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 52ede487838c68f284f1cf162427d0b8
d269f3284a0aec1bd3b7d4f9ddca84481bf83029
4c7fc9912e26073d44c1abe7b614f6fe6dc9d40c3ae634e5b948752737218121
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushPhp.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1760
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
110.232.141.86200 OK 31 kB URL HTTP/1.1 www.abctutorials.com/code/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (65447)
Hash 554969c8ed0e4b5eece1261c4e1e9cd0
3b514b21c2e26b2caa15054e43ed00184a8ebc38
4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123
Analyzer Verdict Alert fortinet Malware
GET /code/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: application/javascript
last-modified: Wed, 25 Aug 2021 05:57:01 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30969
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushJScript.js
110.232.141.86200 OK 610 B URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushJScript.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 1927f56184770fdd35eecf180691573c
39b4a9e0b70b9142db4b6bbccf26eecf984648a8
ba7505557e55c5e255609b9793d083981ba39a82e4edbbfc6e049fd831c5361e
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushJScript.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 610
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushVb.js
110.232.141.86200 OK 897 B URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushVb.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash daeb97e090887c8cae75d79960720c56
cf6433f1ec8840e1ee80879a26b7d94509c1eee5
080f05798a80d23655a33eca311c02143c4a2500e2d820300867294c4c10b5ac
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushVb.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:47 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 897
date: Thu, 08 Dec 2022 15:24:47 GMT
server: LiteSpeed
fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
142.250.74.35200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14060, version 1.0\012- data
Hash aacf0f4f8b5d693087b4d8ac6c86d2ae
ad06f3ffd0db6034eb0a12f98aa8aa4dead430fb
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
GET /s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.abctutorials.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14060
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:19:28 GMT
Expires: Fri, 08 Dec 2023 06:19:28 GMT
Cache-Control: public, max-age=31536000
Age: 32719
Last-Modified: Mon, 18 Jul 2022 19:44:57 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.abctutorials.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 19:26:03 GMT
Expires: Tue, 05 Dec 2023 19:26:03 GMT
Cache-Control: public, max-age=31536000
Age: 244724
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushSql.js
110.232.141.86200 OK 1.2 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushSql.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash dbc8220acaff3c56455d9f105a661685
d5fbc2ba9c6edd09b24b4e6b8e329110d5e294cf
1ccb190727e7a009846bb7baeda285843a940a11e7838fb00f986aa0dbe9c392
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushSql.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1187
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushXml.js
110.232.141.86200 OK 1.0 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushXml.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 68af8cd91a3cd6ed64dae96fd32f6c07
0d8af7bb951849a8c4d1e865171ea16c717e2cc1
8be96f9a6893bae876cb1381af273f91cb3c481298a4a4ab6034276969a8761d
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushXml.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1024
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushDelphi.js
110.232.141.86200 OK 956 B URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushDelphi.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 946545da82e4be58ab28731f4e25ab5f
78339b559884359af1c46baf1d219ef882fbaa67
0de449da9309d631365aa6ed0233390799a97aa7ede659639deda2df3fb2c93d
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushDelphi.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 956
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushPython.js
110.232.141.86200 OK 671 B URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushPython.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 8f80409b6c6c1d1ad29c056bf329faed
eac59a90ff03bf2b5c5d60cd1f0b41fb5fdbd705
90c8c4bf892d3ca9777c62e39e442c7c2ecabcac99d59f52bd0a42fffb27875d
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushPython.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 671
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushRuby.js
110.232.141.86200 OK 808 B URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushRuby.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 6ff3c7c5208a78e82254a958ef69d739
d1589a620f79acc0030f5d91aaec6351af74300a
1098c9e222356b5f0bc80872013a7ef3277fc7aa58849bba4466b5f691104c19
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushRuby.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 808
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCss.js
110.232.141.86200 OK 2.0 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCss.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 196347c8a916536c539f47f469295179
502396fca27eb47215b387d06844fa4f5a83ab17
02e333727223d7ba09cfba4911ece54ea5dc23d53694916a929fa0e7750cb4d3
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCss.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1962
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCpp.js
110.232.141.86200 OK 2.1 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCpp.js
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with CRLF line terminators
Hash 9061a774705ddf1d4054c981dc674bde
b5dc0b723fdd8c97c1e95c58b5ef9100a5265f2f
4ba73c029130068a314d654dcb84ec89290bae65cd6323d1d8e88214390f3deb
Analyzer Verdict Alert fortinet Malware
GET /code/wp-content/plugins/google-syntax-highlighter/Scripts/shBrushCpp.js HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sun, 31 Jan 2016 07:34:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2057
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/themes/helpguru/js/functions.js?ver=5.8
110.232.141.86200 OK 420 B URL HTTP/1.1 www.abctutorials.com/code/wp-content/themes/helpguru/js/functions.js?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
Hash 79025487d758df1f770a57ed13fc4afe
44ec8134c70bd307c5c93047ce21b5090ddf7f43
d571492e9949b8589f652632cdf54e2db6039397a210fa7ee8f002ed7eacdfa5
GET /code/wp-content/themes/helpguru/js/functions.js?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2016 03:04:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 420
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/themes/helpguru/inc/ht-core/js/jquery-picture-min.js?ver=5.8
110.232.141.86200 OK 1.1 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/themes/helpguru/inc/ht-core/js/jquery-picture-min.js?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (2166)
Hash 7396b22eb9720ed79cebd00a316663ba
13214c687dfd75cb27eeba0205c63d08f0367ea7
65c2bad564aaf41403d27c59b2317acb57cf838635589cf2af5c71ebded72d7e
GET /code/wp-content/themes/helpguru/inc/ht-core/js/jquery-picture-min.js?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Tue, 16 Aug 2016 03:04:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1135
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-includes/js/wp-embed.min.js?ver=5.8
110.232.141.86200 OK 769 B URL HTTP/1.1 www.abctutorials.com/code/wp-includes/js/wp-embed.min.js?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (1391)
Hash 82e67f050afdb38c20ac6eb305f97c17
df1349df76d66a9cf64377cf335c67c337d85470
5f6c33116e2106cd0f2f28c16062f1d584e74b8539a14ed45e17957634d71b7e
GET /code/wp-includes/js/wp-embed.min.js?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Sat, 27 Mar 2021 02:25:08 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 769
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/uploads/2016/03/ABC-Tutorials-LOGO-1.png
110.232.141.86200 OK 8.1 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/uploads/2016/03/ABC-Tutorials-LOGO-1.png
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type PNG image data, 336 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 7417509ccefdbb3ddb456064cc1b9f51
f176652f517e233e18f1604c400edf524ad70334
61d9c239bd23fd308df7328aa94dcb1aea3b02195773065adf7608965ea02fdf
GET /code/wp-content/uploads/2016/03/ABC-Tutorials-LOGO-1.png HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: image/png
last-modified: Sat, 26 Mar 2016 05:50:08 GMT
accept-ranges: bytes
content-length: 8111
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-includes/js/wp-emoji-release.min.js?ver=5.8
110.232.141.86200 OK 4.9 kB URL HTTP/1.1 www.abctutorials.com/code/wp-includes/js/wp-emoji-release.min.js?ver=5.8
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type ASCII text, with very long lines (15224)
Hash c5861eec8c65717219134960db9e361e
7a9a5ed5ca3de9e30fa3c14d1ada2ecb6eb4505f
b96639b87d4a408e9cddadc6f2a1228cbb20678f3f069785fe0614c0db78430d
Analyzer Verdict Alert fortinet Malware
GET /code/wp-includes/js/wp-emoji-release.min.js?ver=5.8 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: application/javascript
last-modified: Wed, 25 Aug 2021 05:57:01 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4937
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/uploads/cache/2016/03/cropped-ABC-FA/3914855956.png
110.232.141.86200 OK 17 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/uploads/cache/2016/03/cropped-ABC-FA/3914855956.png
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e7f21be3a034d4f6ac03703592850f85
e21ddec867a419a69d4695e1dcdb2c5cd9e9d602
88a5d593b87dd277c0cb9b36b443cbbc893b909f2869a5adfd3811da85fb5dee
GET /code/wp-content/uploads/cache/2016/03/cropped-ABC-FA/3914855956.png HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: image/png
last-modified: Sat, 26 Mar 2016 05:54:06 GMT
accept-ranges: bytes
content-length: 17298
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/code/wp-content/uploads/cache/2016/03/cropped-ABC-FA/2264383334.png
110.232.141.86200 OK 1.2 kB URL HTTP/1.1 www.abctutorials.com/code/wp-content/uploads/cache/2016/03/cropped-ABC-FA/2264383334.png
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 81ae7971d0cd5202a6f0a1769efe29b1
2c72463f4e707f9429984c2e19f837f62bd36c98
5cb249d2a5dbd691ed996eb831a124adc0f0431c1551ddca162a13133d2c851c
GET /code/wp-content/uploads/cache/2016/03/cropped-ABC-FA/2264383334.png HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Thu, 15 Dec 2022 15:24:48 GMT
content-type: image/png
last-modified: Sat, 26 Mar 2016 05:54:06 GMT
accept-ranges: bytes
content-length: 1231
date: Thu, 08 Dec 2022 15:24:48 GMT
server: LiteSpeed
www.abctutorials.com/?wordfence_lh=1&hid=48E3E35B8E377278723BBF2FDAE8050D&r=0.9672973810501
110.232.141.86200 OK 0 B URL HTTP/1.1 www.abctutorials.com/?wordfence_lh=1&hid=48E3E35B8E377278723BBF2FDAE8050D&r=0.9672973810501
IP 110.232.141.86:0
ASN #45638 SYNERGY WHOLESALE PTY LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?wordfence_lh=1&hid=48E3E35B8E377278723BBF2FDAE8050D&r=0.9672973810501 HTTP/1.1
Host: www.abctutorials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.abctutorials.com/saturation076/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: RCAUMnr=1; expires=Thu, 08-Dec-2022 18:24:48 GMT; Max-Age=10800
link: <http://www.abctutorials.com/wp-json/>; rel="https://api.w.org/", <http://www.abctutorials.com/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json", <http://www.abctutorials.com/>; rel=shortlink
content-type: text/javascript;charset=UTF-8
x-robots-tag: noindex
content-length: 0
date: Thu, 08 Dec 2022 15:24:49 GMT
server: LiteSpeed