r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12710
Expires: Mon, 09 Jan 2023 02:26:08 GMT
Date: Sun, 08 Jan 2023 22:54:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 09 Jan 2023 00:46:22 GMT
Date: Sun, 08 Jan 2023 22:54:18 GMT
Connection: keep-alive
zelle.ace-it-writers.com/bot
67.223.118.25 301 Moved Permanently 707 B URL HTTP/1.1 zelle.ace-it-writers.com/bot
IP 67.223.118.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /bot HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 08 Jan 2023 22:54:18 GMT
server: LiteSpeed
location: https://zelle.ace-it-writers.com/bot
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13966
Expires: Mon, 09 Jan 2023 02:47:04 GMT
Date: Sun, 08 Jan 2023 22:54:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 22:41:33 GMT
content-type: application/json
age: 765
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kEMnGTePdI57cfuXAlc/kz05NXh065HYi47V83ms64MPkvhv68ruSU6L7Ud0PwsSTAvFTBWc8Go=
x-amz-request-id: BQ7D5KBZWMAD579Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 22:15:57 GMT
age: 2301
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 22:54:18 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 22:17:21 GMT
age: 2217
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash fcdd1740b6f136b5d624ef94c372e238
64e1605b878fd1d019e54cdce44b99bd3e3511af
8b4a6e37f7e5b707ad53f3c4da2558296fd92f011753ce88e24bc23ea65fdde7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 22:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 14:17:06 GMT
Expires: Sun, 15 Jan 2023 14:17:05 GMT
Etag: "64e1605b878fd1d019e54cdce44b99bd3e3511af"
Cache-Control: max-age=573166,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 786883a70a3bb52d-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4210
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 22:54:18 GMT
Etag: "63ba87aa-1d7"
Last-Modified: Sun, 08 Jan 2023 21:44:08 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
zelle.ace-it-writers.com/bot
67.223.118.25 301 Moved Permanently 0 B URL HTTP/2 zelle.ace-it-writers.com/bot
IP 67.223.118.25:0
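Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of an empty body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of an empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of an empty body; these three digests match any 0 B response and do not identify this site)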
Analyzer Verdict Alert fortinet Malware
GET /bot HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://zelle.ace-it-writers.com/bot/
x-litespeed-cache: miss
content-length: 0
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.71.253 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.71.253:0
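Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of an empty body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of an empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of an empty body; these three digests match any 0 B response and do not identify this host)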
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1iC9J/4Od4dqlWJz2PZ9qQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pRqxFTH9ZkxZq3Huosu+s3nVjrI=
zelle.ace-it-writers.com/bot/
67.223.118.25 200 OK 9.7 kB URL HTTP/2 zelle.ace-it-writers.com/bot/
IP 67.223.118.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381)
Hash acc5801e5bfd4c7797ed17750030c07d
ed23f945b239fdc1cb239a922be37e1f8b013cdb
0f9c9cb994524e91a2f884e04432611fa914e000c09af7fa2fc2bb73329970f2
Analyzer Verdict Alert fortinet Malware
GET /bot/ HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://zelle.ace-it-writers.com/wp-json/>; rel="https://api.w.org/", <https://zelle.ace-it-writers.com/wp-json/wp/v2/pages/56>; rel="alternate"; type="application/json", <https://zelle.ace-it-writers.com/?p=56>; rel=shortlink
etag: "14-1673217010;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 9673
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 22:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 22:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 22:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 22:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zelle.ace-it-writers.com/wp-content/plugins/pagelayer/css/combined.css?ver=1.7.2
67.223.118.25 200 OK 38 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/pagelayer/css/combined.css?ver=1.7.2
IP 67.223.118.25:0
Hash 40167a9572fd5b79080af36c4df81a9f
5c4fb20f7d55912290996bf9a26684ce34117ee4
da7fa6fe744ebc9bb598028e775d558e724ec0e51718da9c663949c9b5bd2ea5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pagelayer/css/combined.css?ver=1.7.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 11:55:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37872
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
67.223.118.25 200 OK 12 kB URL HTTP/2 zelle.ace-it-writers.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 67.223.118.25:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Sat, 12 Nov 2022 01:26:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/uploads/popularfx-templates/epm/style.css?ver=1.2.4
67.223.118.25 200 OK 998 B URL HTTP/2 zelle.ace-it-writers.com/wp-content/uploads/popularfx-templates/epm/style.css?ver=1.2.4
IP 67.223.118.25:0
File type ASCII text, with very long lines (1739), with CRLF, LF line terminators
Hash e7318e59f16ae30840fafc994903a6bb
7272def15aae186a7034bb37ca86157ef11c46dc
3e00c9bac68c06b8a129a5f2761b7b5347784f65a17f2a1ce8506ad18d367b28
GET /wp-content/uploads/popularfx-templates/epm/style.css?ver=1.2.4 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Sat, 13 Feb 2021 00:49:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 998
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-includes/css/classic-themes.min.css?ver=1
67.223.118.25 200 OK 144 B URL HTTP/2 zelle.ace-it-writers.com/wp-includes/css/classic-themes.min.css?ver=1
IP 67.223.118.25:0
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/uploads/elementor/css/global.css?ver=1672997384
67.223.118.25 200 OK 756 B URL HTTP/2 zelle.ace-it-writers.com/wp-content/uploads/elementor/css/global.css?ver=1672997384
IP 67.223.118.25:0
File type ASCII text, with very long lines (6697)
Hash 8279d3577a82c8463dfc3cf01541839a
7e502015d5e7b447c9e52fc84628ecccb3cfae8b
23a28162517834a628d34673fd29e47d61c5580d30a2bf7df91cec8eb3672562
GET /wp-content/uploads/elementor/css/global.css?ver=1672997384 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 09:29:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 756
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/uploads/elementor/css/post-47.css?ver=1672997212
67.223.118.25 200 OK 307 B URL HTTP/2 zelle.ace-it-writers.com/wp-content/uploads/elementor/css/post-47.css?ver=1672997212
IP 67.223.118.25:0
File type ASCII text, with very long lines (1100), with no line terminators
Hash 04700a6f251834006adee973babd4fe9
2678ce7287e4a9eb5b2b67ddfdfdcf0391f072df
c0391565dd5a85607b6d82f12664df3ebd38d744223fd2e3583d887d2163f699
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-47.css?ver=1672997212 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 09:26:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 307
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
67.223.118.25 200 OK 3.6 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 67.223.118.25:0
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 08:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3629
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/themes/popularfx/sidebar.css?ver=1.2.4
67.223.118.25 200 OK 2.1 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/themes/popularfx/sidebar.css?ver=1.2.4
IP 67.223.118.25:0
Hash 62416500b0cbbba154e971a4b6b03785
0c32dd557ca71e320e122474706e674e2214a598
783f6f461f167189cca10f5683fb1045eacf6c0255d8ee80302db6d13ebaa46e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/popularfx/sidebar.css?ver=1.2.4 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Wed, 15 Dec 2021 17:31:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2079
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.2
67.223.118.25 200 OK 11 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.2
IP 67.223.118.25:0
File type ASCII text, with very long lines (65497)
Hash e210e9620b9a60e4ce8a63b0212e7286
9d3b487afbe02623d6f42b9f68bbced4c4170f73
ddb2219e1a96fb385c8b0b0e6fd53fccf5dfc074d698b744544ecb60b1b796e3
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.9.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 08:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11385
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/uploads/elementor/css/post-56.css?ver=1673006216
67.223.118.25 200 OK 109 B URL HTTP/2 zelle.ace-it-writers.com/wp-content/uploads/elementor/css/post-56.css?ver=1673006216
IP 67.223.118.25:0
File type ASCII text, with very long lines (346), with no line terminators
Hash 6279da2418ac2e81bc7f5ba81110d64b
4599a20f631a678849ac87f5e6a8019daefdc2d1
557dbe57792536b53705a5b301aa3899adcaf16194946b5a1a9d3d78edb356fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-56.css?ver=1673006216 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 11:56:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 109
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
67.223.118.25 200 OK 30 kB URL HTTP/2 zelle.ace-it-writers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 67.223.118.25:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/forminator-utilities.min.css?ver=1.22.1
67.223.118.25 200 OK 316 B URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/forminator-utilities.min.css?ver=1.22.1
IP 67.223.118.25:0
File type ASCII text, with very long lines (767)
Hash 499fb07ca6fd3ba074e9e2809459926d
45995d250fcad45f58374d9f198527725ea80df9
4630e748f52a35786b91eb19ac4259db591f3ba714b85e032d1d784612f60d3d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/forminator/assets/forminator-ui/css/src/forminator-utilities.min.css?ver=1.22.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 08:09:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 316
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/uploads/forminator/css/style-55.css?ver=1673006487
67.223.118.25 200 OK 2.8 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/uploads/forminator/css/style-55.css?ver=1673006487
IP 67.223.118.25:0
Hash 7e089996176b6f5d9c3ab5a54e2272af
b7647799106aa462c7534dd04934955da1d6ffaa
9528fa47e789e54c29b7353361c897336dfd15249d0bd2b4b026c7ffccd14f38
GET /wp-content/uploads/forminator/css/style-55.css?ver=1673006487 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 12:01:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2786
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/forminator-icons.min.css?ver=1.22.1
67.223.118.25 200 OK 894 B URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/forminator-icons.min.css?ver=1.22.1
IP 67.223.118.25:0
File type Unicode text, UTF-8 text, with very long lines (5055)
Hash 7ff036c0bb8998fee201bb17a4d3efff
65772cf02669b02a8358d0c5761d3e393105bbb8
639cc10b7234c151ea1c00c2f125a008363dc2a4fc16988d01760adea2359fb9
GET /wp-content/plugins/forminator/assets/forminator-ui/css/forminator-icons.min.css?ver=1.22.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 08:09:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 894
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/form/forminator-form-default.base.min.css?ver=1.22.1
67.223.118.25 200 OK 4.3 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/form/forminator-form-default.base.min.css?ver=1.22.1
IP 67.223.118.25:0
File type Unicode text, UTF-8 text, with very long lines (57730)
Hash b1e5bd4bb39633ac4b289a6d4f23bc6b
26f1f41affde5de2a538d354f18adda7e30a1f8a
63164d821d7a2d62de071605f597488192d01a9b5f77904e72d83b07889d4b59
GET /wp-content/plugins/forminator/assets/forminator-ui/css/src/form/forminator-form-default.base.min.css?ver=1.22.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 08:09:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4255
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4
67.223.118.25 200 OK 1.5 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/themes/popularfx/js/navigation.js?ver=1.2.4
IP 67.223.118.25:0
Hash b551d4719e5bae3fe592fed521640655
09e3ef26d9f743221b03d7ca06434c0b6efcaed7
0f11ffb9985542721627f695ed0261cb5ef8466c1fc95cc13fdc3783516e7eda
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/popularfx/js/navigation.js?ver=1.2.4 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Wed, 15 Dec 2021 17:31:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1529
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/grid/forminator-grid.open.min.css?ver=1.22.1
67.223.118.25 200 OK 576 B URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/css/src/grid/forminator-grid.open.min.css?ver=1.22.1
IP 67.223.118.25:0
File type ASCII text, with very long lines (5893)
Hash 6a2387f41710608aa3c5c1b01a1796ab
38577a300ced80938932881c9fc695dad24709c5
bc97dbaa877557ebd9731f2344c2f9c72b57b9cec195d015fe355fd0d4e1453c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/forminator/assets/forminator-ui/css/src/grid/forminator-grid.open.min.css?ver=1.22.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Fri, 06 Jan 2023 08:09:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 576
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
67.223.118.25 200 OK 4.0 kB URL HTTP/2 zelle.ace-it-writers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 67.223.118.25:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-includes/css/buttons.min.css?ver=6.1.1
67.223.118.25 200 OK 1.3 kB URL HTTP/2 zelle.ace-it-writers.com/wp-includes/css/buttons.min.css?ver=6.1.1
IP 67.223.118.25:0
File type ASCII text, with very long lines (5819)
Hash 17db97455648bb05ee8e5683f18d5db7
40db890ba7d604c300f053185cfa48e4249aa6df
330ad539cfe68b5cd70dd1430d49f7f8e8a6192077fe3c60562bc413d2fb9e47
GET /wp-includes/css/buttons.min.css?ver=6.1.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: text/css
last-modified: Tue, 16 Nov 2021 09:52:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1255
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/js/library/jquery.validate.min.js?ver=1.22.1
67.223.118.25 200 OK 7.6 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/js/library/jquery.validate.min.js?ver=1.22.1
IP 67.223.118.25:0
File type Unicode text, UTF-8 text, with very long lines (24292)
Hash ea7be40f9f8202e17748bed4f174deaf
004bbe5408dfe5fd553cae680164a6fa2784d9da
46c66212a69075b41350d01029b04abc8c7733481d5edf0102e54ec0835eb02b
GET /wp-content/plugins/forminator/assets/js/library/jquery.validate.min.js?ver=1.22.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 08:09:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7600
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8358
Expires: Mon, 09 Jan 2023 01:13:38 GMT
Date: Sun, 08 Jan 2023 22:54:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8358
Expires: Mon, 09 Jan 2023 01:13:38 GMT
Date: Sun, 08 Jan 2023 22:54:20 GMT
Connection: keep-alive
zelle.ace-it-writers.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
67.223.118.25 200 OK 4.6 kB URL HTTP/2 zelle.ace-it-writers.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 67.223.118.25:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.2
67.223.118.25 200 OK 12 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.2
IP 67.223.118.25:0
File type ASCII text, with very long lines (40657)
Hash 8c7ab746e082dda4943fe6b9c0c5ebc8
d11519b0d66058ecd8d8ac1c68b83bafeaa34ba0
843b10f39c9b6aba0f05c1e5fba3946c7602e850a76f61cd25ea0d8a05f4338d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 08:07:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11747
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.2
67.223.118.25 200 OK 9.9 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.2
IP 67.223.118.25:0
File type Unicode text, UTF-8 text, with very long lines (31482)
Hash d0d0a3862e95b83dc23f072245b60b58
76fbc0e47ec706ebea7b31f2d3148dcb3562cee9
5827fb04403b4c0b4ab641257e47a53d0eee97edb7760e437bc928b72849392c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 08:07:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9924
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
67.223.118.25 200 OK 2.9 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 67.223.118.25:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 08:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
67.223.118.25 200 OK 6.8 kB URL HTTP/2 zelle.ace-it-writers.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 67.223.118.25:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 05:25:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.2
67.223.118.25 200 OK 2.0 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.2
IP 67.223.118.25:0
File type ASCII text, with very long lines (4918)
Hash ffde4e25e08b1ffdc9d1f060cda65726
f0689754d97fda7c2354e2cc654158fb86efb752
1cc1536ec774376b6e685428700008a85f72a424751240c61c52cb49cd0b41ae
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 08:07:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2047
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qrv79JkELgiKRk7WivjlquDxhTuxhElzukgvmGBJdq778jc8Kt1XzQ==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 23:14:00 GMT
age: 85220
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee0100ded5c40b35292c57e0cde4d423
eafacf389372d4cc059d0fb7fb3e1fccf506d69b
7a2dab5cd0a5a6e96f22771ac84b86df910036186ddb7521dcc41dc82125b272
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4842
x-amzn-requestid: ff29171f-d040-479e-a4c7-d19b8bee76fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8EexoAMFdHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-04e89f5b50e2dfba7c13b3b6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _H_Kd9xwNsS9YbtlMh3uFO_-9uJk75U7nVX8UsdfZCd_pOXklJ_Qsw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:41:11 GMT
age: 69189
etag: "eafacf389372d4cc059d0fb7fb3e1fccf506d69b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0473691ea0d4426c66441d3e049b139
2ba1b24cc0f903a534458642236adc8495d87519
5475d4935fea484eabbac57be8e5604952f59374e1ccf26392c3283d39b96a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 173c95c5-690c-4381-9cf1-cb31e4456f14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd8LF0YoAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676b4-0b9191ab25e33cb436995203;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ugd6PvgcQYjFctkOjVM5zXz3muWfr3o-8qf2hLbu-B_orF1ruOiTGQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 08:02:04 GMT
age: 53536
etag: "2ba1b24cc0f903a534458642236adc8495d87519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 958d699fe0e01f8f1e6002637f87ab63
9feb324f4c37992e68e04762494841d532b3da2b
a20dce10643f6cb9aed206ca177c54538076e61568528e5fdc2744d8cc25846a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10157
x-amzn-requestid: cc023618-8a3b-452e-84cc-04c8b5f48a3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8Es5IAMFYtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-6d9f330a4b3df85c661c1bd6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yaahmIYHAzMWPmbF_6RRTXc-boEiyV4AgS6BLMUTxVhSOos78xvtYQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:38:38 GMT
age: 69342
etag: "9feb324f4c37992e68e04762494841d532b3da2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37629fba-d878-4757-bbb5-ec6764ae2a28.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37629fba-d878-4757-bbb5-ec6764ae2a28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97daf64b02d7b3d266c7cd921d0684f7
74fa41865d65ef95126bcb1072bbf578bda031b0
bcaaf9e89d8af2bbddd4c000cd2facfadebce0cffb119b7583823190c5cb009e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37629fba-d878-4757-bbb5-ec6764ae2a28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10768
x-amzn-requestid: 321c3466-ab77-4fff-a022-436634c89dad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFvEXAoAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36f1-55e48ac47077b4a270456423;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C6psC2HUUWMvrUWxBnkvQFrNS2Qg_dCys7fnUFl2AI3qRkbFUxRuyw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:40:33 GMT
age: 4427
etag: "74fa41865d65ef95126bcb1072bbf578bda031b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%7CMontserrat%3A400
142.250.74.74 200 OK 6.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%7CMontserrat%3A400
IP 142.250.74.74:0
Hash e695bc6b9a1e2c15f5dc22019822dcb8
9157a826678faaeda39f1041c05a611a6854a4fd
73223066b2e720d0986830f1a00a53ba4639c4d53587fe09b15936e1226411c4
GET /css?family=Raleway%3A400%7CMontserrat%3A400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zelle.ace-it-writers.com
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 22:54:19 GMT
date: Sun, 08 Jan 2023 22:54:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/pagelayer/js/combined.js?ver=1.7.2
67.223.118.25 200 OK 29 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/pagelayer/js/combined.js?ver=1.7.2
IP 67.223.118.25:0
File type Unicode text, UTF-8 text, with very long lines (8099), with CRLF, LF line terminators
Hash bca85aa8b604ff57cbd7fd3757b9d450
13e91274aedb1bc1cf3cd841b1685192c00b280a
28fda1e413e708856264419550152d91aa40f1fde85e87cad5bd947dc04c4516
GET /wp-content/plugins/pagelayer/js/combined.js?ver=1.7.2 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 17:59:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29118
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/plugins/forminator/build/front/front.multi.min.js?ver=1.22.1
67.223.118.25 200 OK 38 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/forminator/build/front/front.multi.min.js?ver=1.22.1
IP 67.223.118.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 720efc3f34bf72885a22c80f365757c7
8c5401a5f55902953ca68b65d103219d279abcdb
513c9efec4fc8015aa3409c59003cbf7e504ad00e832915bdb3793285237ad3c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/forminator/build/front/front.multi.min.js?ver=1.22.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 08:09:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37818
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 22:54:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
142.250.74.35 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Hash 16911581ab7ea10687a5aee74cbc5612
b0b24248345739209d753a4ac77ccfc1f627b219
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zelle.ace-it-writers.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 21:18:40 GMT
expires: Tue, 02 Jan 2024 21:18:40 GMT
cache-control: public, max-age=31536000
age: 524140
last-modified: Mon, 18 Jul 2022 19:57:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 22:54:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/js/forminator-form.min.js?ver=1.22.1
67.223.118.25 200 OK 18 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/plugins/forminator/assets/forminator-ui/js/forminator-form.min.js?ver=1.22.1
IP 67.223.118.25:0
Hash d11af395173eda3b99c62ccfbcb7f49a
480519bd043a7bd97268433e3ac0c15703f175d8
f7d0f05886a6ed5a9da78e554337c801dc2f6c670330586cd54696a28e0f0017
GET /wp-content/plugins/forminator/assets/forminator-ui/js/forminator-form.min.js?ver=1.22.1 HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:19 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 08:09:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2765
date: Sun, 08 Jan 2023 22:54:19 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/uploads/2023/01/3CD09E03-8706-46B8-B73B-437E2E84260E-1024x210.jpeg
67.223.118.25 200 OK 6.9 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/uploads/2023/01/3CD09E03-8706-46B8-B73B-437E2E84260E-1024x210.jpeg
IP 67.223.118.25:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1024x210, components 3\012- data
Hash 12f5b4392a9d8449142ded45d0ad271d
489f34299cc978bd0ba3d5007635f6534244b8b2
a5eb1239b5261c09c13501572702271721a40aa7249a656889f5f87b1ece24bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/3CD09E03-8706-46B8-B73B-437E2E84260E-1024x210.jpeg HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:20 GMT
content-type: image/jpeg
last-modified: Fri, 06 Jan 2023 08:21:02 GMT
accept-ranges: bytes
content-length: 6863
date: Sun, 08 Jan 2023 22:54:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-content/uploads/2023/01/516764BE-1A1F-4F79-9187-872FD7B2379A-687x1024.jpeg
67.223.118.25 200 OK 67 kB URL HTTP/2 zelle.ace-it-writers.com/wp-content/uploads/2023/01/516764BE-1A1F-4F79-9187-872FD7B2379A-687x1024.jpeg
IP 67.223.118.25:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 687x1024, components 3\012- data
Hash efe0d9aa1add516a375f5fc2843f57d8
e4dd4a41f09cb8fe404ce72da751f5d530f72cbb
4020eb46ca204b1eedd172e69453bae960fa28016884d9852ec27263d36206ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2023/01/516764BE-1A1F-4F79-9187-872FD7B2379A-687x1024.jpeg HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 22:54:20 GMT
content-type: image/jpeg
last-modified: Fri, 06 Jan 2023 08:21:24 GMT
accept-ranges: bytes
content-length: 66728
date: Sun, 08 Jan 2023 22:54:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/wp-admin/admin-ajax.php
67.223.118.25 200 OK 40 B URL HTTP/2 zelle.ace-it-writers.com/wp-admin/admin-ajax.php
IP 67.223.118.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 761ef8cb6034cbc6f33deefb42792351
ae1c1dc859f78c9a7fab2f3a269ba952769a2657
856ce222ded0f803c8e39ed01a8c6fe3101794772fa0a245e18d2c3086a198a8
Analyzer Verdict Alert fortinet Malware
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 27
Origin: https://zelle.ace-it-writers.com
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://zelle.ace-it-writers.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
content-length: 40
content-encoding: br
vary: Accept-Encoding
date: Sun, 08 Jan 2023 22:54:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
zelle.ace-it-writers.com/favicon.ico
67.223.118.25 404 Not Found 1.2 kB URL HTTP/2 zelle.ace-it-writers.com/favicon.ico
IP 67.223.118.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: zelle.ace-it-writers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/bot/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 08 Jan 2023 22:54:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%7CMontserrat%3A400&ver=1.7.2
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%7CMontserrat%3A400&ver=1.7.2
IP 142.250.74.74:0
GET /css?family=Raleway%3A400%7CMontserrat%3A400&ver=1.7.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 22:54:19 GMT
date: Sun, 08 Jan 2023 22:54:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zelle.ace-it-writers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 22:54:19 GMT
date: Sun, 08 Jan 2023 22:54:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2