www.ulusegara.com/
192.185.120.86 301 Moved Permanently 230 B IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; exported SGML document, ASCII text
Hash MD5 cd27f44ab9eee7289d1e14695cc92ca1
Hash SHA-1 c97a59f17470e57fdb9ae572b8e9d8a15da70294
Hash SHA-256 3370d9035d4c406048e1d667cc3ff2bcd9ba2c8650718e60c2c25846621343d1
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 04:48:32 GMT
Server: Apache
Location: https://ulusegara.com/
Content-Length: 230
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 dfb72f04bd7a4410640c0543bb4bd402
Hash SHA-1 7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
Hash SHA-256 b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8043
Expires: Thu, 24 Nov 2022 07:02:36 GMT
Date: Thu, 24 Nov 2022 04:48:33 GMT
Connection: keep-alive
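Records in this export are awkward to check by eye: the scanner runs the IP address straight into the status code, and lists three digests under a single "Hash" label that are MD5, SHA-1 and SHA-256 (32, 40 and 64 hex characters). The Python below is an added example, not part of the scan output or of any scanner's tooling; its Record type and function names are its own. It parses the export form, labels the digests by length, and then checks two things the capture makes visible: the r3.o.lencr.org responder's ETag above is the uppercase SHA-256 of the OCSP response body, the S3-served certificate chain further down has an ETag equal to the body's MD5, and the 0 B WebSocket upgrade further down carries the digests of the empty string. The sample input is a trimmed copy of four records from this page, constructed for the example.

```python
from __future__ import annotations

import hashlib
import re
from dataclasses import dataclass, field

# Constructed sample: four records trimmed from the capture on this page, kept
# in the scanner's export form: IP and status code run together, three
# unlabeled digests after "Hash", the IP field exported with port ":0".
SAMPLE = """\
www.ulusegara.com/
192.185.120.86301 Moved Permanently 230 B IP 192.185.120.86:0
Hash cd27f44ab9eee7289d1e14695cc92ca1
c97a59f17470e57fdb9ae572b8e9d8a15da70294
3370d9035d4c406048e1d667cc3ff2bcd9ba2c8650718e60c2c25846621343d1
Analyzer Verdict Alert fortinet Malware
HTTP/1.1 301 Moved Permanently
Location: https://ulusegara.com/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
HTTP/1.1 200 OK
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
HTTP/2 200 OK
etag: "9ebddc2b260d081ebbefee47c037cb28"
push.services.mozilla.com/
54.191.210.155101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HTTP/1.1 101 Switching Protocols
"""

# The export runs the IP into the status code ("...86301 Moved ..."); the
# optional whitespace also accepts a cleaned-up "...86 301 Moved ...".
HEADER = re.compile(
    r"^(\d{1,3}(?:\.\d{1,3}){3})\s?(\d{3}) ([A-Za-z][A-Za-z ]*?) (\d+(?:\.\d+)?) (B|kB|MB)\b"
)
HASH_LINE = re.compile(
    r"^(?:Hash\s+)?(?:(?:MD5|SHA-1|SHA-256)\s+)?([0-9a-fA-F]{64}|[0-9a-fA-F]{40}|[0-9a-fA-F]{32})$"
)
HTTP_HEADER = re.compile(r"^([A-Za-z][A-Za-z0-9-]*): ?(.*)$")
HASH_ALGO = {32: "md5", 40: "sha1", 64: "sha256"}  # hex length -> algorithm
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()


@dataclass
class Record:
    url: str
    ip: str
    status: int
    reason: str
    size: str
    verdict: str | None = None
    hashes: dict[str, str] = field(default_factory=dict)
    headers: dict[str, str] = field(default_factory=dict)


def parse_records(text: str) -> list[Record]:
    """A record starts at the URL line that precedes an IP/status line."""
    records: list[Record] = []
    prev = ""
    for line in (raw.strip() for raw in text.splitlines()):
        if m := HEADER.match(line):
            ip, code, reason, size, unit = m.groups()
            records.append(Record(prev, ip, int(code), reason, f"{size} {unit}"))
        elif records:
            rec = records[-1]
            if h := HASH_LINE.match(line):
                digest = h.group(1).lower()
                rec.hashes[HASH_ALGO[len(digest)]] = digest
            elif line.startswith("Analyzer Verdict Alert "):
                rec.verdict = line.split("Analyzer Verdict Alert ", 1)[1]
            elif kv := HTTP_HEADER.match(line):
                # request and response headers share one map; the later (response) value wins
                rec.headers[kv.group(1).lower()] = kv.group(2)
        prev = line
    return records


def etag_digest_algorithm(rec: Record) -> str | None:
    """Name the digest the origin's ETag equals, if any (strong or W/ weak form)."""
    etag = rec.headers.get("etag")
    if etag is None:
        return None
    value = etag.strip().removeprefix("W/").strip('"').lower()
    return next((algo for algo, d in rec.hashes.items() if d == value), None)


def empty_body_records(records: list[Record]) -> list[str]:
    """URLs whose SHA-256 is that of the empty string: the transaction carried no body."""
    return [r.url for r in records if r.hashes.get("sha256") == EMPTY_SHA256]
```

`etag_digest_algorithm` is the useful triage trick here: an ETag that equals a body digest tells you which hash the origin (or its CDN) computes, so later scans of the same URL can be compared on the ETag alone, without refetching the body. The empty-string check catches records whose "hashes" are meaningless because nothing was transferred.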
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 770d09773b5f304acf141fd66a4862b4
Hash SHA-1 5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
Hash SHA-256 c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2206
Cache-Control: max-age=109169
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:33 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:08:02 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash MD5 d130218d0e2841f39c99610fe1a2ab90
Hash SHA-1 29fbe1e177ee55c7a61ae0a206afff271cf5f945
Hash SHA-256 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 04:18:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1778
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 054ff0d1a0a43f7cb1d78dbd34e27f99
Hash SHA-1 3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
Hash SHA-256 fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10042
Expires: Thu, 24 Nov 2022 07:35:55 GMT
Date: Thu, 24 Nov 2022 04:48:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash MD5 9ebddc2b260d081ebbefee47c037cb28
Hash SHA-1 492bad62a7ca6a74738921ef5ae6f0be5edebf39
Hash SHA-256 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xEzyKi8iN64FE0a2XEt8iWMIxZVjkggmiyqMIl0zDBRMaZd96Qnzded/tLXtiaDAMyciC+h07d4=
x-amz-request-id: TR94W57KHNF6111M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 04:40:16 GMT
age: 497
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash MD5 23e88fb7b99543fb33315b29b1fad9d6
Hash SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 04:48:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 7fa0b3495e27968c254dffb150419cc8
Hash SHA-1 aeb1ac9c5d2fd39403a25203dd3d53d3339099a5
Hash SHA-256 a0e9ae00f906529bdcd5bd6c8b712456169196a7bc894b82c5b9562a19c8bad8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0E9AE00F906529BDCD5BD6C8B712456169196A7BC894B82C5B9562A19C8BAD8"
Last-Modified: Thu, 24 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Thu, 24 Nov 2022 10:47:51 GMT
Date: Thu, 24 Nov 2022 04:48:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash MD5 0333b0655111aa68de771adfcc4db243
Hash SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb
Hash SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 04:08:53 GMT
cache-control: public,max-age=3600
age: 2380
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5 eb52164d651f5f45416e873aec29eb04
Hash SHA-1 405b29bb7e7cd4367cf82988f8603e53db65f139
Hash SHA-256 ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5275
Cache-Control: max-age=107175
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:33 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:34:48 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.191.210.155 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 409CFFNjfCYkT/zTiqWV+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gsTN+3bseR7KiUqsTe899IMeWwA=
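The upgrade above is a complete RFC 6455 opening handshake, so it can be verified offline: the server must answer with Sec-WebSocket-Accept equal to base64(SHA-1(Sec-WebSocket-Key || "258EAFA5-E914-47DA-95CA-C5AB0DC85B11")), and the client must refuse the socket if it does not. The Python below is an added example, not part of the capture and not Mozilla's push client or server code; the request and response text are copied from the record above with the unrelated browser headers dropped, and the function names are the example's own. It recomputes the accept value from the captured key, checks that the key is 16 random bytes in base64, and checks the 101/Upgrade/Connection trio. It also reports what the response does not contain: there is no Sec-WebSocket-Protocol, so the server agreed to none of the offered subprotocols (push-notification), and no Sec-WebSocket-Extensions, so permessage-deflate was not negotiated.

```python
from __future__ import annotations

import base64
import hashlib

# Fixed GUID from RFC 6455 section 1.3; the server appends it to the client's
# Sec-WebSocket-Key, SHA-1 hashes the result and base64-encodes the digest.
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"

# Constructed sample: the exchange from the record above, reduced to the
# handshake-relevant headers.
REQUEST = """\
GET / HTTP/1.1
Host: push.services.mozilla.com
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 409CFFNjfCYkT/zTiqWV+w==
Connection: keep-alive, Upgrade
Upgrade: websocket
"""

RESPONSE = """\
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gsTN+3bseR7KiUqsTe899IMeWwA=
"""


def websocket_accept(client_key: str) -> str:
    """Sec-WebSocket-Accept value a conforming server must return for client_key."""
    digest = hashlib.sha1((client_key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")


def valid_client_key(client_key: str) -> bool:
    """RFC 6455 4.1: the key is the base64 encoding of 16 random bytes."""
    try:
        return len(base64.b64decode(client_key, validate=True)) == 16
    except ValueError:  # binascii.Error is a ValueError subclass
        return False


def parse_message(text: str) -> tuple[str, dict[str, str]]:
    """Split a captured HTTP/1.1 message into its start line and lower-cased headers."""
    lines = text.strip().splitlines()
    headers: dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def _has_token(value: str | None, token: str) -> bool:
    return value is not None and token in [t.strip().lower() for t in value.split(",")]


def check_handshake(request: str, response: str) -> dict:
    """Apply the client-side checks of RFC 6455 section 4.1 to a captured upgrade."""
    _, req = parse_message(request)
    status_line, resp = parse_message(response)
    key = req.get("sec-websocket-key", "")
    expected = websocket_accept(key) if key else None
    return {
        "status_101": status_line.split(" ", 2)[1] == "101",
        "upgrade": resp.get("upgrade", "").lower() == "websocket",
        "connection": _has_token(resp.get("connection"), "upgrade"),
        "key_valid": valid_client_key(key),
        "accept_expected": expected,
        "accept_ok": expected is not None and resp.get("sec-websocket-accept") == expected,
        # Absent in the response means the server chose no subprotocol and
        # accepted no extension (RFC 6455 4.2.2 step 5; RFC 7692 section 5).
        "subprotocol": resp.get("sec-websocket-protocol"),
        "extensions": resp.get("sec-websocket-extensions"),
    }
```

The accept value proves only that the peer that answered saw the client's key and implements the WebSocket handshake; it is not an authentication of the server. That comes from the TLS certificate, which is why the OCSP lookups surrounding this record matter more than the handshake itself.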
cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css
151.101.85.229 200 OK 1.6 kB URL HTTP/2 cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css
IP 151.101.85.229:0
File type ASCII text, with CRLF line terminators
Hash MD5 f4635bd71bfbcd97a6080b4aa529979a
Hash SHA-1 36e94cac9540fde52845762ec820c2f84fe111d4
Hash SHA-256 495596f0c3d2598399fb68b56afefa93538a412398eca989e66fdd259279969f
GET /npm/daterangepicker/daterangepicker.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.1.0
x-jsd-version-type: version
etag: W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 04:48:34 GMT
age: 1397
x-served-by: cache-fra-eddf8230065-FRA, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1621
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 4af780570d49b327d38dc189095448e9
Hash SHA-1 1dd4193a2afeb237c5e475b603b1cbd137f7f97e
Hash SHA-256 f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 dd0dd96ca622aa07354fabdd0da767bf
Hash SHA-1 a29eaa02a81dabed2c12be20a89d65a5a0417524
Hash SHA-256 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash MD5 4af780570d49b327d38dc189095448e9
Hash SHA-1 1dd4193a2afeb237c5e475b603b1cbd137f7f97e
Hash SHA-256 f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ulusegara.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.7
192.185.120.86 200 OK 4.5 kB URL HTTP/2 ulusegara.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.7
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21597)
Hash MD5 7f01d3c2dd8fdc231241f6a3b10def8c
Hash SHA-1 76646b14e9ce97d384b9adb20c622f09c7ecd140
Hash SHA-256 999c4a983cd4b5a1a7652aa436630a18c1a6dbf91de090c903ab507b07df536a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.7 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 03:11:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4487
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3
192.185.120.86 200 OK 1.3 kB URL HTTP/2 ulusegara.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4186), with no line terminators
Hash MD5 91bab39b98d7e5c1632717b9ebe349e4
Hash SHA-1 e639a447d06fc7827be5b5b35d603ff16b5f7bb1
Hash SHA-256 47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1298
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
192.185.120.86 200 OK 3.2 kB URL HTTP/2 ulusegara.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11256), with no line terminators
Hash MD5 1054d0d53548e8bae51665b11acc6413
Hash SHA-1 2eea6a05fe18db61fff58c431d34a86b3e0b7ade
Hash SHA-256 cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Dec 2020 07:31:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3239
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.185.120.86 200 OK 17 kB URL HTTP/2 ulusegara.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash MD5 2a67a4888baa44de739f3fe56203ce07
Hash SHA-1 da175eae57f26b655747d79f055477e3fee1abb9
Hash SHA-256 3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Jul 2022 20:10:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 16594
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
192.185.120.86 200 OK 5.3 kB URL HTTP/2 ulusegara.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash MD5 710f8b142ea44c0682dc2c30f318f065
Hash SHA-1 49144e9b3a76d3d383b1d4359cf7a25e947f4233
Hash SHA-256 708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 03:36:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/
192.185.120.86 200 OK 46 kB IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5 c4b9a73c3377a3b555f16961a5c8a61a
Hash SHA-1 eb7a88bd1a89aca14fb85a288f928768671f20cd
Hash SHA-256 0a529a2556b715881b329c2a8faa989c7e0c9425705fa911ea8bd796c6eeb674
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 04:48:33 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-157590608-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-157590608-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash MD5 5153f93b1e708bbf5155e71fc8968228
Hash SHA-1 cc293239300ab49d2b6c34bb49242b8325b9d24c
Hash SHA-256 21f584155db79e548393b5a756d848ccab063857a668deed0890fccabcbfd520
GET /gtag/js?id=UA-157590608-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 04:48:34 GMT
expires: Thu, 24 Nov 2022 04:48:34 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:400%7CPoppins:400%7CMuseo-Sans-500:400%7CPrata:400&subset=latin&display=swap&ver=6.0.3
142.250.74.10 200 OK 31 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:400%7CPoppins:400%7CMuseo-Sans-500:400%7CPrata:400&subset=latin&display=swap&ver=6.0.3
IP 142.250.74.10:0
File type ASCII text, with very long lines (32033)
Hash MD5 5d9e543ee1e3c7da69555e3fa79667d7
Hash SHA-1 29572c329b6b40e70d373199737e16db18bd35b3
Hash SHA-256 eb4f37dac131c6f366692aa6a1fd8ffaaf0c777e4ba12853c80e328b8b6be9cf
GET /css?family=Open%20Sans:400%7CPoppins:400%7CMuseo-Sans-500:400%7CPrata:400&subset=latin&display=swap&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 04:48:34 GMT
date: Thu, 24 Nov 2022 04:48:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400
142.250.74.10 200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400
IP 142.250.74.10:0
File type ASCII text, with very long lines (32013)
Hash MD5 275e90c708401a021db2b907ba5dafab
Hash SHA-1 ca38694cc5d8f6d3dd830b76a9d4aa2b0f18ba75
Hash SHA-256 857108c3df1f303bdc049d971dd705a24e2520570bfb110d308e82964f086a75
GET /css?family=Poppins:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 04:48:34 GMT
date: Thu, 24 Nov 2022 04:48:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js
151.101.85.229 200 OK 7.4 kB URL HTTP/2 cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (32269)
Hash MD5 287abfa083ebe2026a7202466bf9d5fb
Hash SHA-1 539b66f7fd1f648756615ebd58e740e3eab658ea
Hash SHA-256 5ff9892257544a8b12ae475dd5e65fb99004f8b94cbc784566eb46c7f3ff2c90
GET /npm/daterangepicker/daterangepicker.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.1.0
x-jsd-version-type: version
etag: W/"7f60-yn4DlHkED3KaP/biww3JCbN4kvM"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 04:48:34 GMT
age: 9435
x-served-by: cache-fra19132-FRA, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7409
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
104.17.24.14 200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20831)
Hash MD5 368c425fc94c424e1688caadefbed981
Hash SHA-1 13d24c22c199ef6668d758434819f44307a65094
Hash SHA-256 ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102
GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 04:48:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1690
expires: Tue, 14 Nov 2023 04:48:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeQ2xKeqSBFCiU7glTVqwvWmiIqojAaikIKxTW%2B%2FLeNh0YLXpcA55i7np9T1bkyy9amh7wKGH8hz0QJvkapwDU%2Fpyly01qp3zI0NHwRj14myUMhg01aJPutotAtb7H%2Ba0YtVRNv%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ef835a5d7afac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1
192.185.120.86 200 OK 16 kB URL HTTP/2 ulusegara.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash MD5 2c3a85c400e4b27cff3817dce8661a31
Hash SHA-1 d5bba83a2e0469958b2234c4c901023baaaec99c
Hash SHA-256 3bba735e11541fefcdb9c1d6caacb0e62cf25ad560d37a27e973c5181dc18ec7
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 15594
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
192.185.120.86 200 OK 11 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5 99e5163da5af7fe9e26d42266d2144db
Hash SHA-1 016f5ac1ffd864ba0656e919b1225dd14237e42d
Hash SHA-256 b182458d10139146d8b986c07bafb95849134a58ec61b62027a4114a152d5ddd
GET /wp-content/themes/ave/assets/vendors/liquid-icon/liquid-icon.min.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 10630
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.5
192.185.120.86 200 OK 7.0 kB URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30449)
Hash 61fc673259be88dcedc1a85c0614511c
7967199fc67d6434075da8a02add9c3e69d5d5a0
d62aff2326cc8b721afc3c9f511026d3d20a4bff9696fed7ad9d4cfd818ed443
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 7022
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
192.185.120.86 200 OK 14 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (56219)
Hash fc2335b4b5a562cd9fe5ad14bc63b80d
b468adfca143ac3faae02381aeafc552271fcc13
7d0feb00845125af23edfa17b2565eed318a6db63ea6a9ff36ec99a11994ad80
GET /wp-content/themes/ave/assets/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 14349
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave-child/style.css?ver=6.0.3
192.185.120.86 200 OK 291 B URL HTTP/2 ulusegara.com/wp-content/themes/ave-child/style.css?ver=6.0.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 52ac133a8e398a107cfcef499ed52e83
6b722ee03da546672b06f5584d2883b158e7b8f5
574f9bd35047f351103c1dba337332dd6d54db715f6cb1d8d20b281be413d8e2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave-child/style.css?ver=6.0.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 291
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/style.css
192.185.120.86 200 OK 948 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/style.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 212d818b5f7144adcf4df64fbd3b1549
a23ecc3ecb55a5131ecaaa89c04fd4028f7e294e
5329a95ac2abd1632a86a7a66f429f45f19aaa09dc2a4bf25b54555bff57928f
GET /wp-content/themes/ave/style.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 948
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
192.185.120.86 200 OK 324 B URL HTTP/2 ulusegara.com/wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1463)
Hash 4ecb6c5ad9a692175bef6dfe695e5c77
c27cec05ce42d67aafb718ff65a617e1c0b00f3b
8626cb921aae1893f6232a0a1501fbb155b623b9f138922988507c451c0593a0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ave-core/assets/css/ave-core.min.css?ver=6.0.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 324
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ulusegara.com/wp-content/uploads/liquid-styles/liquid-css-10.css?timestamp=1659680802&ver=6.0.3
192.185.120.86 200 OK 589 B URL HTTP/2 ulusegara.com/wp-content/uploads/liquid-styles/liquid-css-10.css?timestamp=1659680802&ver=6.0.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1500)
Hash 52360fa0e88ad924e88a078648076f19
df75e9c94a43a30e45ca60c8bf722b404dbfa9da
62dae940b9949af4e0d807ae0f6543f62ad3b7ae52174cdd7bffd5d03fa326df
GET /wp-content/uploads/liquid-styles/liquid-css-10.css?timestamp=1659680802&ver=6.0.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Aug 2022 06:26:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 589
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/flickity/flickity.min.css
192.185.120.86 200 OK 713 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/flickity/flickity.min.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1992)
Hash 19fb27050d8aa47ddc1443bf0f454a53
4d332f85fa8605b8fbdae0c1bd06962491fbea72
f1401482f69cbce4711fb67d3c805e9fc932980964633102a9547dcab1a67507
GET /wp-content/themes/ave/assets/vendors/flickity/flickity.min.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 713
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
192.185.120.86 200 OK 1.1 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/lity/lity.min.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3324)
Hash 80a154ee40826c472e14389416f3f69d
0d2f3ba8eb7592b54658b0cd41d0fd22983194d4
841658ff5593c923d739f11e7b942d97cecb79d537bf9ed37641bbdd1353776e
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 1119
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/themify-icons.min.css?ver=1.7.33
192.185.120.86 200 OK 2.8 kB URL HTTP/2 ulusegara.com/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/themify-icons.min.css?ver=1.7.33
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13829), with no line terminators
Hash 8121fc30644849f80ed31dc21020a7a1
3d9b5c993796ee943c04e3508f4ca2713b7811d1
9b887bb42d8d0681031269ac556972c0c0f1d5837809f0a013cd3404faa30d99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/3d-flipbook-dflip-lite/assets/css/themify-icons.min.css?ver=1.7.33 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Aug 2022 05:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2794
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
192.185.120.86 200 OK 2.6 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/modernizr.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5404)
Hash a218b944ec7df3f3ef0e90a476cc9eca
b6f48e4544adf348b8220191271f81e2272f9f6e
4fe8f8d55a024937eb65d2d15481399c7832701066e31f26dd8da48488fc4f1f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/modernizr.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2637
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.120.86 200 OK 4.6 kB URL HTTP/2 ulusegara.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 05:32:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/dflip.min.css?ver=1.7.33
192.185.120.86 200 OK 8.0 kB URL HTTP/2 ulusegara.com/wp-content/plugins/3d-flipbook-dflip-lite/assets/css/dflip.min.css?ver=1.7.33
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26930), with no line terminators
Hash 8edf5d98d7ad5e0dccaec5e72d348c1f
6b5982a60c457ee82694ef8ea3646d7d22526cf7
c352dd777ac00d5795d02ff18bdffa79e7b12a8031ff0238b1bdfa2c31b8f304
GET /wp-content/plugins/3d-flipbook-dflip-lite/assets/css/dflip.min.css?ver=1.7.33 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Aug 2022 05:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 7976
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/inline.js?ver=1.0
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/inline.js?ver=1.0
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/inline.js?ver=1.0 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 0
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
192.185.120.86 409 Conflict 83 B URL HTTP/2 ulusegara.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1580203167&ver=6.0.3
192.185.120.86 200 OK 14 kB URL HTTP/2 ulusegara.com/wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1580203167&ver=6.0.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c587d27d38308caab5842881c7747f11
8368fb2285e4ce10f4302ea4a5f28f2573f00abe
37dc5920a5b397855972c35ba5b09e220ec8b24eb2e603c7a4c8ded709fe0dfa
GET /wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1580203167&ver=6.0.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 14168
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
192.185.120.86 200 OK 5.7 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (22932)
Hash e7f3becb8db34968b5660fb5e307eb90
762b7a4e3fb23f1791490b07bc9b68bb9ad2c3a6
f78793809ec8b8f47fbf51fd6ed4cd9fb10f63f6ade000c93fbddfae2bc5d035
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 5739
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
192.185.120.86 200 OK 8.1 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/fresco/css/fresco.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f8a4ff12f0769acdedd843a28015e03d
be77ade9e0b4fc02cb68bee7e5ce8b2cd9ad60aa
2616a8abafb60aa9c7ab81af541d90f35904227475c83828f25c81c29ad6b24a
GET /wp-content/themes/ave/assets/vendors/fresco/css/fresco.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 8081
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/logo-white-152x97-1.png
192.185.120.86 200 OK 6.5 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/logo-white-152x97-1.png
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 152 x 97, 8-bit/color RGBA, non-interlaced; data
Hash 098cfb436e7a31867dc8096cb31d18d1
5a92fa4def1688d542f921caa762a00fe9717538
b3c0f65b9b13b656844687fdb4f7e6ac09ed45078f962da62a2c8f25aedbe57f
GET /wp-content/uploads/2020/01/logo-white-152x97-1.png HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 6491
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/logo-black-152x97-1.png
192.185.120.86 200 OK 10 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/logo-black-152x97-1.png
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 152 x 97, 8-bit/color RGBA, non-interlaced; data
Hash 13f1630d21d397f7baba0b5cfd48e907
61b5d833cd10d6df3955444d3bc3994a56f1fbd9
fa07e5abdf712b468a7d4b1b52a96278efcf2040e767ffaeeef2742a20f2f6a8
GET /wp-content/uploads/2020/01/logo-black-152x97-1.png HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 10268
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ig4-100x100.jpg
192.185.120.86 200 OK 4.5 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ig4-100x100.jpg
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3; data
Hash c4bf84947258c33b02214d3d20f00608
e4c8110ce8caa89145bc942cf1adc6afa8f5bd88
d5b098df3ad041bd157a843fa8664a9c6ede73a52c51038ffbae0efcb17b70cd
GET /wp-content/uploads/2020/01/ig4-100x100.jpg HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 4539
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ig5-100x100.jpg
192.185.120.86 200 OK 4.3 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ig5-100x100.jpg
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3; data
Hash 3a49944b58e9d24ad05f0d131f63467a
466f9b6a5a4bb3ad0e044d8f85d888ded56bc124
63c187cb46c97e875ee679fd4512e2f2b537e547ca22519b0ebb3c4b55a9c096
GET /wp-content/uploads/2020/01/ig5-100x100.jpg HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 4308
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ig6-100x100.jpg
192.185.120.86 200 OK 3.9 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ig6-100x100.jpg
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3; data
Hash 5bb0ea8e78a5a3ad44dee01be0262421
e22eeaa1cd7b6f28b6e719bcf58ef93bea95a43c
e07ddc16a05230fb67f7dfab2e44b91b7cd0602be70a313aa88c578be97fbfe1
GET /wp-content/uploads/2020/01/ig6-100x100.jpg HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 3867
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ig7-100x100.jpg
192.185.120.86 200 OK 3.6 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ig7-100x100.jpg
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3; data
Hash 0a8f0375008118ce4234c0ef932cd3a3
8fe8719bfc371ce98f4953f011cd8fbf45298d87
ba30b34799c97c0e1238fe56e9708faa23162e2c6485be53800f4b79a0407f6a
GET /wp-content/uploads/2020/01/ig7-100x100.jpg HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 3578
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ig8-100x100.jpg
192.185.120.86 200 OK 4.2 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ig8-100x100.jpg
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3; data
Hash fd98f5908448b229b7ee220fb2479be7
0f0df7bbee8b636f5de97fd9d0f53f8ee3be3974
f8a3ceb7cf3b7711dc737b459468b08f622f67851182049e5cd561de34459096
GET /wp-content/uploads/2020/01/ig8-100x100.jpg HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 4211
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ig9-100x100.jpg
192.185.120.86 200 OK 4.7 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ig9-100x100.jpg
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3; data
Hash 9f2f53e8a9131b9993ceeffc17e1e310
fa98b55165ba6086166a5e9347cce53cd4d43a47
63a20732eaa7c6c2b13331de7c9477b1dd9778b65f6f81fb54cc983b023abb6d
GET /wp-content/uploads/2020/01/ig9-100x100.jpg HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 4717
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
192.185.120.86 409 Conflict 83 B URL HTTP/2 ulusegara.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.0.5
192.185.120.86 200 OK 4.3 kB URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21066), with no line terminators
Hash 0c70b75e355d454b8eaf9bf7cf273410
64ffab28fb5efe35c6ff0931b25eac436b1764d7
3564d8d12778c93c135a892f780f6506dd4d30200c9dc4a5b6937bdae8befbfd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/prettyphoto/css/prettyPhoto.min.css?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4321
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
192.185.120.86 200 OK 4.3 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8499)
Hash 0b599d6d8c52267fe8993bea77c3fafc
c613494ca9a734b936e2457ed27cc0e45f54a01f
93d8a05e26f38952115ec40451f2d61ca7d27f4d412cbbc719cb292d18a8ab46
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/greensock/utils/SplitText.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 4305
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/css/lib/isotope.min.css?ver=6.0.5
192.185.120.86 200 OK 205 B URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/css/lib/isotope.min.css?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (798), with no line terminators
Hash e99ff0f7d0cd91f4025cc26e16593a70
dcb9564804f29321946f40b6d2a9f616f6666064
4349fb4d7acc5897ad316b3d34c631df3b69b06b0640f171f1fdd1ef0e0ac452
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/lib/isotope.min.css?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 205
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/StackBlur.js
192.185.120.86 200 OK 3.2 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/StackBlur.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5936)
Hash 42bebed6e4de202d3497566021e2b6a1
abf949008c6cc42af500be9afe1546a3dfae6e51
16ac946b3b46ad9efe4d74b1e777c8cd39ddc308bf359c3932adbd583d1c9579
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/StackBlur.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3247
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
192.185.120.86 200 OK 3.1 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/lity/lity.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6485)
Hash ed1c37d7161f16b3fd42eee4d57e7e3f
c884947228b4476a3479513b0218ff9c4603bee4
4e3ca6dd2729816c8c73d0ca761117f1e9bf8a4c3d90f2ffbdce2529f9fccad5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lity/lity.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3099
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.0.5
192.185.120.86 200 OK 2.7 kB URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6832)
Hash 96e94a8fe1e37e7341ec30bd6eaa7d4f
598f9b362bf9cb53eef22cf7e25f1e8125313fbb
b1e3337eb915c8ad65b976dcc88db6ea00424382453184af337b1c3ee193357d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/imagesloaded/imagesloaded.pkgd.min.js?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2712
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
192.185.120.86 200 OK 7.3 kB URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20382)
Hash d651163f7e58f2c6f8b5fcb41b4561f2
8abf58d69736ac0263abcb20d86779fae64ba646
744329a781dc063d373b72398025665e48805a2fa3299ebc2aea8686f6df7334
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 7284
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
192.185.120.86 200 OK 3.0 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/intersection-observer.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6765)
Hash ace40893a0b8429009831f75cbfb7766
193b05050d4bfe870dcec864d72fe3cb692017d4
ddb656da011441bfc15b20beb4ffc75205d56d1171acaecad2a78bc414b9efe4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/intersection-observer.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 3013
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/js/mailchimp-form.js
192.185.120.86 200 OK 663 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/js/mailchimp-form.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 06710791c029997578655b00a6ce19fa
c2f87dce9b3a60fb6ede71a7dcc616e3c21e668a
d237396453152c2efd67062b6078a8ee9a927a09ef7a3ff171a3416a6ef0d5ed
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/js/mailchimp-form.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 663
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
192.185.120.86 200 OK 2.1 kB URL HTTP/2 ulusegara.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Dec 2020 07:31:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2103
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
192.185.120.86 200 OK 7.3 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17329)
Hash 067938520a01f0ddcc32346d06355e3e
db6da5261c7b8e75888365e086a4ca331c355221
64885b3d5e06d4c737fca9a629f6627ecde8cc2bcdf4159711649cea2e1e7a43
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/scrollmagic/ScrollMagic.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 7291
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/anime.min.js
192.185.120.86 200 OK 7.8 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/anime.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17169)
Hash edd43332db3595519909752be37e3bcc
6ea1ed48dfba24e4d5239fc431114a9bfe5d3b9d
8a13cae54c0f8838a9e495b2c3c99479c3189e8b9d61252e01cd8278f750f6df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/anime.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 7830
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
192.185.120.86 200 OK 5.5 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/tinycolor-min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14677)
Hash 6335f9233395367ef57c6e411957bb4f
058e15040debec70904cf1ce4b261d27b304cb38
ce64fd278404ed07eb5f9b471d8321bad780f6cc0d309c66040263aad5d6ebf9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/tinycolor-min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 5520
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
192.185.120.86 200 OK 2.3 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/lazyload.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5543), with no line terminators
Hash cabba4b5556057aa7455e050ef568f1e
180b3e072e66780625553f314210c0abbb586c0e
18838fc148945b68fcc388d9d17748b41153947202dffd1f4b18dcd7ab362d7f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/lazyload.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2294
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
192.185.120.86 200 OK 10 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26402)
Hash 038a5fcace8d643b5b0c0eec5d346e4a
c643f10ed292b3ecc91437e25955d55f474f48d7
e5b19a076126684404a7c82040dfaf28fb97bda47b749e4827e223907407a480
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 10344
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6007
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 04:48:35 GMT
Connection: keep-alive
ulusegara.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1
192.185.120.86 200 OK 90 kB URL HTTP/2 ulusegara.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8c896fd93cbc515adadbb2712c30fb9d
fd6622ddf4248c1aab1c7427855d3fe18a6aafb7
b7730d3a23e1c136f53167c8610826a32048a13ad9757a8048afd7e6838cfd38
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kkI9Vh2vZeJPwz2JVL5MErsBBwk8-2Jo49yc0sFqv5pxIyBi6azFIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
age: 24672
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
192.0.76.3 200 OK 12 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash e8494a682e20f827b1d65cddb7ddd02d
2244ad15f6cce26ca311db47014290ca2f104660
254a74b8c3e23a0f0d8d23bbe2e3a494988c52acb1c3c103341ed7a38088196b
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 04:48:34 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:19 GMT
age: 24676
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/js/theme.min.js
192.185.120.86 200 OK 81 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/js/theme.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3a6a10028cd2ea5ba7566054c4219556
6a3a7497ee8438ca551bb3343558dd5a5fc59ad0
5b841562dfefa8c76b5aed0a6846c0cbcdb59d6c305e4115ca5bbf9c8f1b803c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/js/theme.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:15 GMT
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
age: 77600
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f0dfc05d73111c498bb0e844105a02f6
10a988580bb7a1be72be5dd50d2aef9789f36b62
3852f331fe12a0a8e6007409f043da6aabadbb8f2883e87ae72ca8d70d31727f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10667
x-amzn-requestid: 985ed1c6-49ed-4851-8a79-f700bbe027c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsGkSIAMFvDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-260dc99256e117e85643b441;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _fs5EfJzWkPQB-Ur7_YVmCHySMj_WXiHUCK8w2nWYvrJSkDaquq37g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
etag: "10a988580bb7a1be72be5dd50d2aef9789f36b62"
content-type: image/jpeg
age: 24675
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0; data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ulusegara.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:39 GMT
expires: Tue, 21 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 208496
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 04:48:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 14c1fb2ca84f07c14bccdafd36ade749
7770e400878690a634324696e562ec8e8842c209
44ee175f74122ad75d400a068e4a9cebe4e6f4064ccd834d0bc22528fb03f684
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89960
Date: Thu, 24 Nov 2022 04:48:35 GMT
Etag: "637da791-1d7"
Expires: Fri, 25 Nov 2022 05:47:55 GMT
Last-Modified: Wed, 23 Nov 2022 04:54:41 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wBTYdduMkd8M7zWXRTdJML3FBxN4zTV3Yw0PIZdIdxnIyzILwNzdIw==
Age: 3194
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 14c1fb2ca84f07c14bccdafd36ade749
7770e400878690a634324696e562ec8e8842c209
44ee175f74122ad75d400a068e4a9cebe4e6f4064ccd834d0bc22528fb03f684
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88545
Date: Thu, 24 Nov 2022 04:48:35 GMT
Etag: "637da791-1d7"
Expires: Fri, 25 Nov 2022 05:24:20 GMT
Last-Modified: Wed, 23 Nov 2022 04:54:41 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bBrqP-Odzqv5BY0L-kLznFOEcm-g6Q8CvZwBN_vnv9AWvGk3DtUbqQ==
Age: 1779
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 14c1fb2ca84f07c14bccdafd36ade749
7770e400878690a634324696e562ec8e8842c209
44ee175f74122ad75d400a068e4a9cebe4e6f4064ccd834d0bc22528fb03f684
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89031
Date: Thu, 24 Nov 2022 04:48:35 GMT
Etag: "637da791-1d7"
Expires: Fri, 25 Nov 2022 05:32:26 GMT
Last-Modified: Wed, 23 Nov 2022 04:54:41 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SmDbuqm0NkH49AhHcgYd6O0z-Vf_3NGNb5vDhy-hadfeNcgBubkrxA==
Age: 2265
s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/styles/omnih-app.v.1.3.js
52.219.124.206 200 OK 1.1 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/styles/omnih-app.v.1.3.js
IP 52.219.124.206:0
File type ASCII text, with CRLF line terminators
Hash 1ec5ecb360bb056d1272e8d4db642384
844a382604b8db0453cbcca144566eeee76d11d7
dbc8145786bb1fce4393624808fb916f3370c67b7efed2593cfd5007b6203974
GET /cdn.omnihotelier.com/assets/styles/omnih-app.v.1.3.js HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +w8zp+Frb2ey3+GP4pUiAFNUetQUq9fG+e4RXPvqiJiJbHLyTmTTfB3ZZ9besQz1qPhBOM1NSTg=
x-amz-request-id: JNQ4MGR2K6N1NC1S
Date: Thu, 24 Nov 2022 04:48:36 GMT
Last-Modified: Mon, 11 Oct 2021 08:20:51 GMT
ETag: "1ec5ecb360bb056d1272e8d4db642384"
x-amz-server-side-encryption: AES256
x-amz-version-id: u4KwtMQYWmUTg3cpsT5w2FzlsOeuTtVH
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 1132
s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/styles/omnih-style.v.1.3.css
52.219.124.206 200 OK 4.3 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/styles/omnih-style.v.1.3.css
IP 52.219.124.206:0
File type ASCII text, with CRLF line terminators
Hash e1de939b6feee04268fda11a0342f426
e4b793b92f71196855348b5edfb729bd7afa951e
7d81e737c29972b7716ed9c6fd35b39f793f00b13a6c8c9c61fae508a54261fd
GET /cdn.omnihotelier.com/assets/styles/omnih-style.v.1.3.css HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: sgZXwzOnJtsOa8HSkenvy91UWRL+IbtCKRhjRgQk0TqKNKJ74m0hPMV+weibpJzxRXHbX85frHg=
x-amz-request-id: JNQ2SK6AR9Q70HD3
Date: Thu, 24 Nov 2022 04:48:36 GMT
Last-Modified: Mon, 11 Oct 2021 08:20:51 GMT
ETag: "e1de939b6feee04268fda11a0342f426"
x-amz-server-side-encryption: AES256
x-amz-version-id: SrdGSEJgh5lRIldZn9zEUcoOvKSmN_EG
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 4276
s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/styles/bootstrap.min.v.1.3.css
52.219.124.206 200 OK 206 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/styles/bootstrap.min.v.1.3.css
IP 52.219.124.206:0
File type Unicode text, UTF-8 text, with very long lines (65301), with CRLF line terminators
Size 206 kB (205795 bytes)
Hash 678874f47a8dce4dabf47b97571f4e69
783950b606b5c7b54c1957cdfc86a7a725d291f3
c4596f55dade25c2c05e2862434fb4d73fa10857ee6fa367ec2ff85d8b53e41e
GET /cdn.omnihotelier.com/assets/styles/bootstrap.min.v.1.3.css HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: cQCVEwgOEvsd1ZsDZz/C2B2M0H3MjTQw2DDrKVXmBSKyyxBk7Ox7ThGQErsTvYkGP5nuW5xpk4w=
x-amz-request-id: JNQ1WHWEMJXYMP7X
Date: Thu, 24 Nov 2022 04:48:36 GMT
Last-Modified: Mon, 11 Oct 2021 08:20:50 GMT
ETag: "678874f47a8dce4dabf47b97571f4e69"
x-amz-server-side-encryption: AES256
x-amz-version-id: 452h9FWbuEnu1Ehkk0dMdDbRH0sMxaGA
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 205795
fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWPCm4.woff2
216.58.207.195 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/prata/v18/6xKhdSpbNNCT-sWPCm4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18396, version 1.0; data
Hash 7f5f11a646c474d90c06755a90d9eeac
ac8b7cb4f98fa30bc7338ce97bf6992d6a402229
75bcb1e2c165a9dab26ede996b90fc62ce359f19cdcf076aa09876a943f20075
GET /s/prata/v18/6xKhdSpbNNCT-sWPCm4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ulusegara.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:42:13 GMT
expires: Thu, 23 Nov 2023 18:42:13 GMT
cache-control: public, max-age=31536000
age: 36384
last-modified: Wed, 27 Apr 2022 15:41:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0; data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ulusegara.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:48:50 GMT
expires: Thu, 23 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 25187
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
192.185.120.86 409 Conflict 83 B URL HTTP/2 ulusegara.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/list-ornament.jpg?id=4824
192.185.120.86 200 OK 95 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/list-ornament.jpg?id=4824
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x100, components 3; data
Hash f9d9c12c116405141af1d4b24aeb00ca
ec671af13973c06189c34e73c65928232e959747
4d204b7c83b0f07ffbe2a36ad97a041b55b4a55f90c0eac3d4c75fa41755785a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/01/list-ornament.jpg?id=4824 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 94858
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ulu-segara-dining.jpg?id=4766
192.185.120.86 200 OK 106 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ulu-segara-dining.jpg?id=4766
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x867, components 3; data
Size 106 kB (106430 bytes)
Hash 279fe22393019f0fb0972495c8a2f3ab
2d76a3516ececca18b462ec2a7aad8ea81cf488f
2432ac346eb00c5b32fdda38f92ee1872f98da6240ff12e6b6b49ed37ab73f4a
GET /wp-content/uploads/2020/01/ulu-segara-dining.jpg?id=4766 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 106430
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/03/ocean-suite-room-ulu-segara.jpg?id=5451
192.185.120.86 200 OK 171 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/03/ocean-suite-room-ulu-segara.jpg?id=5451
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x867, components 3; data
Size 171 kB (170985 bytes)
Hash 1c60e5287994497899cd793ee432e1f1
41a11b3d633f41e0729647116125c135c0d9e5c4
b712029c08d431a58f4f341b54c1e97a4a401676aafbc1f88b0ab5b093c9117b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/03/ocean-suite-room-ulu-segara.jpg?id=5451 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 Mar 2020 02:38:09 GMT
accept-ranges: bytes
content-length: 170985
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
192.185.120.86 200 OK 77 kB URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 77160
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: font/woff2
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
192.185.120.86 409 Conflict 83 B URL HTTP/2 ulusegara.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=172127690&post=10&tz=8&srv=ulusegara.com&host=ulusegara.com&ref=&fcp=2618&rand=0.1443870969033667
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=172127690&post=10&tz=8&srv=ulusegara.com&host=ulusegara.com&ref=&fcp=2618&rand=0.1443870969033667
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5; data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.2&blog=172127690&post=10&tz=8&srv=ulusegara.com&host=ulusegara.com&ref=&fcp=2618&rand=0.1443870969033667 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 04:48:37 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/omnih/chevron.png
52.219.124.206 200 OK 3.8 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/omnih/chevron.png
IP 52.219.124.206:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced; data
Hash d652bd448faf60a70a096c6d9fc7189a
3d3fc562b4fbc480aa205233f559a4150ef59266
f44758f5f5aacb79edb9e4cc5b727fb0e2431c41365633e6081c25d55d9ebed1
GET /cdn.omnihotelier.com/assets/omnih/chevron.png HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s3.ap-southeast-1.amazonaws.com/cdn.omnihotelier.com/assets/styles/omnih-style.v.1.3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: GCobplS0bl0d+RXWid7NINAhZSD7C+WSUolmVRz/qTSlJY/fn76mjBIpbcNXQ7L6jx1QNKalatg=
x-amz-request-id: 7PEFB4D24M1DBN1E
Date: Thu, 24 Nov 2022 04:48:38 GMT
Last-Modified: Wed, 05 Jan 2022 04:33:35 GMT
ETag: "d652bd448faf60a70a096c6d9fc7189a"
x-amz-server-side-encryption: AES256
x-amz-version-id: tshW7twYx7dVLNeI7hlr62uH2Pucxwjj
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3825
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 04:41:08 GMT
expires: Thu, 24 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 449
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/cropped-favicon-32x32.png
192.185.120.86 200 OK 1.5 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/cropped-favicon-32x32.png
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Hash f68ac85446a1430ecdd4d759b3d9e9b4
66c35a06c2e71d8f2b110c5be1ee1836875332af
cef0c207c9a2988f846049a312581ba5f0d7c0002fb64d9e5c82574047a5415e
GET /wp-content/uploads/2020/01/cropped-favicon-32x32.png HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 1514
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/16x16.png
192.185.120.86 200 OK 632 B URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/16x16.png
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; data
Hash c796b2ddeff0d2eea6b3f699f00877ff
37acfdc525fcae7637b9c2a0d37516b946b60756
3a1a8a0eaf3e83743a1c8e5860c404760c8974a1d25cf2f34485b804e82b98d4
GET /wp-content/uploads/2020/01/16x16.png HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 632
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/cropped-favicon-192x192.png
192.185.120.86 200 OK 14 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/cropped-favicon-192x192.png
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash 6e4a68990a122620786cb12297012987
2a851b410745778f5f979a76cf76482fab75811c
b7ada74db42e7859ec5a3a79ba57f2ac0d27f39a94e5ace89ce608608e965016
GET /wp-content/uploads/2020/01/cropped-favicon-192x192.png HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 14133
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/uploads/2020/01/ulu-segara-main-4.jpg
192.185.120.86 200 OK 159 kB URL HTTP/2 ulusegara.com/wp-content/uploads/2020/01/ulu-segara-main-4.jpg
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3; data
Size 159 kB (159347 bytes)
Hash 0654f8f916ebc22f8e2a33565a9c3efa
791eb2a07666d2527e598518526a761bde578767
8a7b1536ab9691db626dd18bb2368689063c09f5c79f0f7b423ae8afbf478a10
GET /wp-content/uploads/2020/01/ulu-segara-main-4.jpg HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Cookie: _ga=GA1.2.615884624.1669265317; _gid=GA1.2.882051322.1669265317; _gat_gtag_UA_157590608_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 159347
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/jpeg
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.185.120.86 200 OK 351 kB URL HTTP/2 ulusegara.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 351 kB (350730 bytes)
Hash 469a6b097b3ed3df232c425f927b89ca
0ef4ebe8815e4041029ffc263d81a169c86b354c
770f858064345f017a7125a1930a87dde99da21dd28311617fe49e50208ae794
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 05:32:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/jquery-ui/images/ui-icons_777777_256x240.png
192.185.120.86 200 OK 7.0 kB URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/jquery-ui/images/ui-icons_777777_256x240.png
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 256 x 240, 8-bit gray+alpha, non-interlaced; data
Hash MD5 40bf25799e4fec8079c7775083de09df
Hash SHA-1 4fc6b1449c73f5d10489c104225ebe326a4016ba
Hash SHA-256 e75b27211e16fcf94715168001bb7055ca376d46f928110ba3d0825232452e5a
GET /wp-content/themes/ave/assets/vendors/jquery-ui/images/ui-icons_777777_256x240.png HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.css
Cookie: _ga=GA1.2.615884624.1669265317; _gid=GA1.2.882051322.1669265317; _gat_gtag_UA_157590608_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
content-length: 7013
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: image/png
date: Thu, 24 Nov 2022 04:48:37 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash MD5 92c78302bcce1568eb6a5563100b932c
Hash SHA-1 43d1dec7fc06879988c9c3cadd800cc8145df988
Hash SHA-256 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 25296
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/fresco/js/fresco.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fresco/js/fresco.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 13221
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/3d-flipbook-dflip-lite/assets/js/dflip.min.js?ver=1.7.33
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/plugins/3d-flipbook-dflip-lite/assets/js/dflip.min.js?ver=1.7.33
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/3d-flipbook-dflip-lite/assets/js/dflip.min.js?ver=1.7.33 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Aug 2022 05:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/jquery-ui/jquery-ui.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/css/theme.css
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/css/theme.css
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/ave/assets/css/theme.css HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jan 2020 08:42:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=6.0.5
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/prettyphoto/js/jquery.prettyPhoto.min.js?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 7972
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.2
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.2
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.2 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 03:11:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Prata%3Aregular&ver=6.0.3
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Prata%3Aregular&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Prata%3Aregular&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 04:48:34 GMT
date: Thu, 24 Nov 2022 04:48:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/flickity/flickity.pkgd.min.js
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/flickity/flickity.pkgd.min.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/flickity/flickity.pkgd.min.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/themes/ave/assets/vendors/fontfaceobserver.js
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/ave/assets/vendors/fontfaceobserver.js HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-length: 2407
content-type: application/javascript
date: Thu, 24 Nov 2022 04:48:35 GMT
server: Apache
X-Firefox-Spdy: h2
ulusegara.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
192.185.120.86 200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
IP 192.185.120.86:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5 HTTP/1.1
Host: ulusegara.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulusegara.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jan 2020 09:19:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 0
x-nginx-cache: WordPress
content-type: text/css
date: Thu, 24 Nov 2022 04:48:34 GMT
server: Apache
X-Firefox-Spdy: h2
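The records above are a sandbox's per-request log: a bare URL line, a summary line in which the extracted text fuses the server IP with the status code ("192.185.120.86200 OK"), then IP, ASN, file type, size, MD5/SHA-1/SHA-256 digests, an optional "Analyzer Verdict", and the raw request and response headers. Eight of the records marked "Analyzer Verdict Alert fortinet Malware" show a captured size of 0 B and no digests (fresco.js, isotope.pkgd.min.js, dflip.min.js, jquery-ui.min.js, jquery.prettyPhoto.min.js, flickity.pkgd.min.js, fontfaceobserver.js, js_composer.min.css), and three of those (isotope, prettyPhoto, fontfaceobserver) still carry a non-zero content-length in the response; for those entries nothing on this page ties the verdict to a specific file. Only jquery.min.js?ver=3.6.0 carries both a verdict and digests. The parser and triage helpers below are an added example, not part of the original report or of any analyzer's tooling: the record layout is inferred from the page, SAMPLE_REPORT is a constructed, trimmed copy of two of the page's records, and the triage rules (verdict without digest, 0 B against a non-zero content-length, re-fetched body checked against the recorded digests) are this example's own.

```python
"""Parse and triage sandbox HTTP-transaction records laid out as on this page.
Added example: the layout is inferred from the page; SAMPLE_REPORT is a constructed,
trimmed copy of two of the page's own records."""
import hashlib
import re
from dataclasses import dataclass, field
from typing import Dict, List

# "<ip><status> <reason> <size> URL <proto> <url>"; the extracted text usually fuses
# IP and status ("192.185.120.86200 OK"), so the gap between them is optional.
SUMMARY_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) ?(?P<status>\d{3}) [A-Za-z ]+? "
    r"(?P<size>[\d.]+ k?B) URL HTTP/[\d.]+ (?P<url>\S+)$")
# "Hash <md5>" then bare SHA-1 and SHA-256 lines (labels optional); length tells them apart.
HASH_RE = re.compile(r"^(?:Hash (?:MD5 |SHA-1 |SHA-256 )?)?([0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64})$")
DIGEST_NAMES = {32: "md5", 40: "sha1", 64: "sha256"}

@dataclass
class Transaction:
    url: str
    ip: str
    status: int
    size: str                               # as printed: "351 kB", "0 B"
    asn: str = ""
    hashes: Dict[str, str] = field(default_factory=dict)
    verdict: str = ""
    request: Dict[str, str] = field(default_factory=dict)
    response: Dict[str, str] = field(default_factory=dict)

def parse_report(text: str) -> List[Transaction]:
    """A summary line opens a record; the request line and the status line switch
    the following "name: value" lines to request and response headers."""
    txs: List[Transaction] = []
    section = "meta"
    for raw in text.splitlines():
        line = raw.strip()
        m = SUMMARY_RE.match(line)
        if m:
            txs.append(Transaction(m["url"], m["ip"], int(m["status"]), m["size"]))
            section = "meta"
        elif not txs or not line:
            continue                        # text before the first record
        elif line.startswith(("GET ", "POST ", "HEAD ")):
            section = "request"
        elif line.startswith("HTTP/"):      # status line, e.g. "HTTP/2 200 OK"
            section = "response"
        elif section == "meta":
            tx, h = txs[-1], HASH_RE.match(line)
            if h:
                tx.hashes[DIGEST_NAMES[len(h[1])]] = h[1].lower()
            elif line.startswith("ASN "):
                tx.asn = line[4:]
            elif line.startswith("Analyzer Verdict "):
                tx.verdict = line[len("Analyzer Verdict "):]
        elif ": " in line:                  # header; the bare URL line has no ": "
            name, value = line.split(": ", 1)
            headers = txs[-1].request if section == "request" else txs[-1].response
            headers[name.lower()] = value
    return txs

def unverifiable(txs: List[Transaction]) -> List[Transaction]:
    """Verdicts with no captured artifact (0 B, no digests): nothing ties them to a file."""
    return [t for t in txs if t.verdict and not t.hashes]

def size_conflicts(txs: List[Transaction]) -> List[Transaction]:
    """Captured 0 B although the server announced a non-zero Content-Length."""
    return [t for t in txs
            if t.size.startswith("0 ") and int(t.response.get("content-length", 0)) > 0]

def record_hashes(body: bytes) -> Dict[str, str]:
    """Digest a body the way the report does (MD5, SHA-1, SHA-256)."""
    return {n: hashlib.new(n, body).hexdigest() for n in ("md5", "sha1", "sha256")}

def verify_body(tx: Transaction, body: bytes) -> Dict[str, bool]:
    """Does a re-fetched body match each digest recorded for tx?"""
    computed = record_hashes(body)
    return {n: computed[n] == d for n, d in tx.hashes.items()}

# Constructed sample: two trimmed records copied from this page.
SAMPLE_REPORT = """\
ulusegara.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.185.120.86200 OK 351 kB URL HTTP/2 ulusegara.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 469a6b097b3ed3df232c425f927b89ca
0ef4ebe8815e4041029ffc263d81a169c86b354c
770f858064345f017a7125a1930a87dde99da21dd28311617fe49e50208ae794
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: ulusegara.com
HTTP/2 200 OK
content-type: application/javascript
ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
192.185.120.86200 OK 0 B URL HTTP/2 ulusegara.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5 HTTP/1.1
HTTP/2 200 OK
content-length: 13221
"""
```

parse_report accepts the summary line both in the fused form the extraction produced and with a space between IP and status, and the hash lines with or without an MD5/SHA-1/SHA-256 label, so it can be run over the whole page text as saved. verify_body is the check to run after re-fetching a flagged URL yourself: a body that matches all three recorded digests is the same artifact the analyzer saw, while a mismatch (or a record with no digests at all) means the verdict and the file in hand cannot be connected.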