r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7545
Expires: Fri, 02 Dec 2022 11:45:09 GMT
Date: Fri, 02 Dec 2022 09:39:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 448
Cache-Control: max-age=89956
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:24 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:38:40 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12622
Expires: Fri, 02 Dec 2022 13:09:46 GMT
Date: Fri, 02 Dec 2022 09:39:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 09:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1273
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Wi2uzNK3QXMIxisfE7resMjMtkuqPifLSKiXxwwi0ZZ/4GcvUQ3uMEh1rP5GMV/Wfhc7JOxAXnc=
x-amz-request-id: KJDP7NMTCV4DDPW1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 08:46:03 GMT
age: 3201
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.ercaws.com/
188.114.97.1302 Found 283 B IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ecd5915136c9266dee7fb25c781d435d
9c5a5655715bed2c905a6a6b5ebcabe20e0366d2
5a0d8a4c5d2d938e95edfe3d74ecb8b00f6d149bfff47ef86a28c9c394290a9f
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 09:39:25 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://ercaws.com/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAVTI2%2FJ0Eiw3OL4Cf%2F9NqfT8zDGRpFd1%2F8Pu4grxIxfEqS7QjqrvoOsqjFAeNhFNcWIlgYitLsfOSN8amrKHXIHB5Gj%2FgT09S%2Bf9sUO5VM9utVWgkdYiwrJgMZT6nvCuw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7733185f4c9cb511-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 09:08:57 GMT
cache-control: public,max-age=3600
age: 1828
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 8f434d98f60ef4c27b2048650ba56d7e
fd8a1861f95b2e238a793e87ccac6bdb0578175b
b4efb69ef3cc97daa66afc6153b38164b91b4412d4afeaf4fb9ba3c6a3ff00ec
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 09:39:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 04:50:25 GMT
Expires: Sat, 03 Dec 2022 04:50:25 GMT
ETag: "fd8a1861f95b2e238a793e87ccac6bdb0578175b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 446
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:25 GMT
Last-Modified: Fri, 02 Dec 2022 09:31:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.159.184101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.159.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +FxtrKNGyhXNAYM2lItHzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bHbdmm/rwsgbbJ5MnlYPc8gCwaw=
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 3464ae1e83aaddfb763bcd5f5fa9e7f6
2bd95060d73d7f454f92544dc260deeb01756b20
cf61093034d5671e71ba19d5b4b385867cc03dff75eba541c0c721069c914945
GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ercaws.com/
34.125.198.6200 OK 43 kB IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3291), with CRLF, LF line terminators
Hash 587b8a97dae80782b6d1226b18d3cd8e
3856bfc867343e1b8294c7c93095a2b4732913a4
f69798b69639e11ef3a98c033062e2bd7f37301207840fbc17ca67bc550fb696
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:25 GMT
Server: Apache/2.4.41 (Ubuntu)
cf-edge-cache: cache,platform=wordpress
Link: <https://ercaws.com/wp-json/>; rel="https://api.w.org/", <https://ercaws.com/wp-json/wp/v2/pages/87044>; rel="alternate"; type="application/json", <https://wp.me/Pek619-mDW>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43181
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ercaws.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
34.125.198.6200 OK 972 B URL HTTP/1.1 ercaws.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:41:02 GMT
ETag: "aab-5ed8d67444041-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ercaws.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
34.125.198.6200 OK 299 B URL HTTP/1.1 ercaws.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:31:46 GMT
ETag: "2b5-5eeaa4239bfb2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 299
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1
34.125.198.6200 OK 710 B URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2635), with no line terminators
Hash d44324c7a85da1e440d06e665adaae2b
7aaaea3a822314ab334ab1332a0f3ff88e94eb56
74d64271ce9fa5f07a12f19bbdeddc89c50e32008cee343eccd38c8f97080083
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "a4b-5ee557ab94950-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 710
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/block-options/build/style.build.css?ver=new
34.125.198.6200 OK 3.0 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/block-options/build/style.build.css?ver=new
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (19768), with no line terminators
Hash 9f1a3e58ceb253e08b5736d3d27ad913
6f0596c131819ef777232a8f56cf3f9bfaba953a
8fc5ea4d9441426dacc983c9437940e01aa718eda736ba21b511ebcffb6da9e0
GET /wp-content/plugins/block-options/build/style.build.css?ver=new HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 01 Dec 2022 09:57:17 GMT
ETag: "4d3c-5eec13f060951-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2970
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
34.125.198.6200 OK 5.0 kB URL HTTP/1.1 ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
ETag: "48b9-5dc6eb878efc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5009
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14006
Expires: Fri, 02 Dec 2022 13:32:52 GMT
Date: Fri, 02 Dec 2022 09:39:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 41388
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 13118
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 43472
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 42558
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 42336
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 42570
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 4.5 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash 056120578eb474a0fc907e436832cfb6
73f7aa3a97ede0b5207111fbda69139c22fa663e
7eec6ac8559a7df0cfb2ceafdb92239a3f47ca7707f0270f625bbedfd38012fa
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
192.0.77.37200 OK 2.8 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 1d72b07ceb0cdaa26ff61accfd785ea5
004b70953971c6ec543a79503c177b7243bc9ed6
3d5aa61201aca1007b1a8bf88c01bf41ca153ee037976760a350d973daa0e27e
GET /c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2
34.125.198.6200 OK 106 B URL HTTP/1.1 ercaws.com/wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 8af7d01cc8f7698605260aa25a37f45e
854439cb106afae13bace1acbdfd03e0ec2daee4
8b46abceed3ee90f0e9053977b5dcb569c09784270d0e5fff5aebf80256501e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:28 GMT
ETag: "62-5eeaa39fdd734-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 106
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=UA-230057426-2
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-230057426-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 29c52c89f2965d607de1a4f958740c73
b8b544df07eeef6b3cae3858257ad196c6fa795c
50b1a2c4cbcbbf2474b63b6c85c6ecb2b4edd292c8439db34cf430909063e2a5
GET /gtag/js?id=UA-230057426-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 09:39:26 GMT
expires: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/weather-atlas/public/css/weather-atlas-public.min.css?ver=1.2.1
34.125.198.6200 OK 1.1 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/weather-atlas/public/css/weather-atlas-public.min.css?ver=1.2.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (4454), with no line terminators
Hash 8eb34f822aebea7e1dceaed955ab673f
ded5e0d110d404318205bb5026905a8f01c09297
f2b9b997ce3e52e8bca0e8a339657e5f11ec485df40b404a11e805a167959bb1
GET /wp-content/plugins/weather-atlas/public/css/weather-atlas-public.min.css?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:16 GMT
ETag: "1166-5ed8cd1e6ad74-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1109
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1
34.125.198.6200 OK 12 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash 290c883ccc4c912f39b8efdb8ee95a71
357328327eea83aeb22d72f9d3f6162db1175dc5
0a90f1cc5ddc0fa460b1d2208e1efb4c234e9b5ed4fe066135e676813368cb4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "17874-5ee557ab958f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12491
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1
34.125.198.6200 OK 718 B URL HTTP/1.1 ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (3440), with no line terminators
Hash 29d8fbf071ddcb7d406d880241d4f2aa
d5e60a89de7bfb703283394c25b6fc69aabb060e
d5506554c323d3f8e71923b46d6dd9ccd3997aba632bdbb12c16337412e22de8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:15 GMT
ETag: "d70-5ed8cd1d49c75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 718
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
34.125.198.6200 OK 7.1 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (30837)
Hash 2a2c987c48fb65bb0e78fa2a37120537
ede7a4d5da37f053251e8b8a33be2a23a660473f
3d3136cdfced0eee9b7766b7a17a591f6fb3ba480e71b8930acbea4db4ab71d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:51 GMT
ETag: "7917-5ed8cfeed08a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7052
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/themes/erlinews/style.css?ver=1.0
34.125.198.6200 OK 20 kB URL HTTP/1.1 ercaws.com/wp-content/themes/erlinews/style.css?ver=1.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (492)
Hash 671fc606a77906bcfda7959c4c778aa8
592f8227caddd2a5b42a7e5a33b012d42807bd18
0763a6ab3cb74e9c0e014d5a401acd9609593a3f7e197fa15a54460847c9ff8a
GET /wp-content/themes/erlinews/style.css?ver=1.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:39 GMT
ETag: "1972f-5ed8ccfb5a497-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19869
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 12 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash d1ce8e348f832cf70345b51f52f59e4d
7f979dd76f1d331a0798b74fd4ae5d9761b8e774
47f238bae086ebc8bb7cce4e5a3c19d0b329ee35b97b16fbedd952be7f98d695
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450
34.125.198.6200 OK 13 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (483), with CR line terminators
Hash 5fd8acfedd59617cfc9bc036bfb994f4
e852a6bb14ee329645da42829656a5838b312a62
cac8a4c0b726396628ac6256ceecbec91bb0e493543d499616a09ffa86df45b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 11:19:50 GMT
ETag: "21ac1-5ed94a6a69024-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12853
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
34.125.198.6200 OK 4.0 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (19233)
Hash 24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:55 GMT
ETag: "4b4f-5ed8cff27a0a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3961
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/themes/erlinews/css/bootstrap.min.css?ver=5.1.3
34.125.198.6200 OK 24 kB URL HTTP/1.1 ercaws.com/wp-content/themes/erlinews/css/bootstrap.min.css?ver=5.1.3
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash 5a29a10c5051e1e126c68212b4695443
967bcc87411edaf47ea7c4c4f408e814a5a5cbfc
f8112f31e245aec8a92e55eaa4710fb78b2f1b464788cfff6e7a59137a224706
GET /wp-content/themes/erlinews/css/bootstrap.min.css?ver=5.1.3 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:21 GMT
ETag: "27ff4-5ed8cce9e9729-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23902
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/menu.min.js
192.0.77.37200 OK 3.4 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/menu.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (9937)
Hash 793df3caa5ba957143ef9ec20812a8a6
b394e303ed4165671a012cbc931305c431805165
85f79c7bc2d250c87bbb53d85bb6d31a868dec8636c32c87468285fed9b06504
GET /c/6.1.1/wp-includes/js/jquery/ui/menu.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 1.8 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash f1adcd618f513a1ddba72dd71128e9f1
a8979349ebc6873106b93fcaeef1051c1b267522
135de0f4124d6c2e337ab556ca645f4c7e529e13756500935c9391d9b06053e4
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ercaws.com/wp-content/themes/erlinews/erlinews-addstyle.css?ver=5.1.3
34.125.198.6200 OK 15 kB URL HTTP/1.1 ercaws.com/wp-content/themes/erlinews/erlinews-addstyle.css?ver=5.1.3
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (448), with CRLF line terminators
Hash 2417d11881e675acea30f0f73f5da61a
be974063365f43f03190b67149ea1f935c0b345a
21ef17460e56c16b8527b63d227ae3102d4ee166c17322e7339ae4f604512b87
GET /wp-content/themes/erlinews/erlinews-addstyle.css?ver=5.1.3 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:03 GMT
ETag: "17295-5ed8ccd959379-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15386
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1
34.125.198.6200 OK 20 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65497)
Hash 64e425a459cf734b7d0db289b7649a90
9a90ea6fe0e05cd286be4809597ecc0ed7930b4c
7d5ebd725d9d7271988ec20af13f060794bd4b65d1dce5c2c7e411647ff93a19
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:25 GMT
ETag: "27687-5ed8d00f461a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19732
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/uploads/elementor/css/post-8.css?ver=1669820273
34.125.198.6200 OK 381 B URL HTTP/1.1 ercaws.com/wp-content/uploads/elementor/css/post-8.css?ver=1669820273
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1148), with no line terminators
Hash 53f424e21573cc5e27f3a7a5a261c842
aa040ed871ad52234406120dce2d97676d66eea3
ddf740a83f4160b53ac824ad1c3662a18047274648e1eb558adddc3a183bee48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-8.css?ver=1669820273 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 14:57:53 GMT
ETag: "47c-5eeb15442e181-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 381
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
34.125.198.6200 OK 13 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (59158)
Hash d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:50 GMT
ETag: "e7d0-5ed8cfee121c5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12869
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158941
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 05:48:28 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kxBsN3c2e01YuFXL8Co5uv41ZKGY8-ns7jQVTEojkVpart4Dz-j53g==
Age: 1385
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1
34.125.198.6200 OK 4.2 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (26516)
Hash d74abcef3df71d56667a44693f75c454
be993a7b5c88a550ef0dc19c4841f240e41967f8
8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:53 GMT
ETag: "684e-5ed8cff031143-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4229
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161370
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 06:28:57 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sR_wc8oJDsmfjSU7DIAte5zJUJFd_ftYChD75EP_SHdbr9jRr2mePg==
Age: 3814
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Last-Modified: Fri, 02 Dec 2022 08:47:29 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZCgH79Tw44nX7C5fUOnQp3-h0NEyUU_lDx7R4SXf4Xf--ljbnlODiQ==
Age: 3119
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159446
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 05:56:53 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nrwoNz3SIsTnZtkiw81-GDe0dTiMLReT7l6W55tEg4-jJ5pPM9Yi6w==
Age: 1890
ercaws.com/wp-content/uploads/elementor/css/global.css?ver=1669820273
34.125.198.6200 OK 2.2 kB URL HTTP/1.1 ercaws.com/wp-content/uploads/elementor/css/global.css?ver=1669820273
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (48213)
Hash 5086a1221546c10850c64ad7c411da29
de9769716b8562db168ac9b1087128c799db58d9
76905284ee34b079c54e14c2600ba136b8865e972c8ceb437528a9f207fd0423
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/global.css?ver=1669820273 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 14:57:53 GMT
ETag: "dbb0-5eeb15443fac0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2152
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163748
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 07:08:35 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qu5_6M5abhz5WmKP9JEn_XnmiM7rSYmqNT_OidqFqpZ-f29MU1pSlg==
Age: 6192
ercaws.com/wp-content/uploads/elementor/css/post-87044.css?ver=1669931780
34.125.198.6200 OK 2.6 kB URL HTTP/1.1 ercaws.com/wp-content/uploads/elementor/css/post-87044.css?ver=1669931780
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (46209), with no line terminators
Hash 14e8f99b6af5ee6022135af9a4b840f6
559fcfce1b2db16bbe4d7fbe96425955c3b141a4
6435a423ab676231089ea6160ed8a1ee755398b9bf4cf5264f85dce717a28c95
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-87044.css?ver=1669931780 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 01 Dec 2022 21:56:20 GMT
ETag: "b481-5eecb4a977ffa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2631
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2
34.125.198.6200 OK 13 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (59158)
Hash 77adb61e8b73b03c938831ca2e7cd41d
3b0c1f53c1161696277d33d1cb6c311f25d2f961
b170b9f3758097a377a7068667a531e07a82612331808b5bb2b7ed863bf63e0e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "e7d0-5edc49a9350d4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12868
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2
34.125.198.6200 OK 22 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 2003102d022a9781fe4d42b5b909f6c8
eadcc08b50cb30b11fd3a906c336cb45d8ef6326
3ef1212104988bb1dbea1a600ad3a0601cc0a0c62f0fccc18f8ea7e24f0dd74d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "250fe-5edc49a936074-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21855
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2
34.125.198.6200 OK 379 B URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash fb832128b166910b553cb0a6de7ba005
db47444d89022a51bfef4c37600bc03be64f72f0
d67c25cb738a52af9203f362668727bd45715b4f8754301ec41dc0d78bfd929a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "385-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 379
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2
34.125.198.6200 OK 24 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash fb2012929c2b18e52936d82370366270
43ecd550b3e37b16ca22decbb4362fa80c9306c0
aa2d5667c091216a7ead21da19590c41362208ce67708925d84c4ef0771ef6e6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "23734-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23844
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/erlinews-widget/style.css
34.125.198.6200 OK 838 B URL HTTP/1.1 ercaws.com/wp-content/plugins/erlinews-widget/style.css
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash d84bc9f8d2def0f1e84dfc0c405255f2
a22d4fb3914c480e4be8f0d125d5f45a4274d4ba
9f2a1cdcd7eda6796a1d9e3eb18653cac63cbfea3c7c01ffa1430e105f5164d4
GET /wp-content/plugins/erlinews-widget/style.css HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:43:13 GMT
ETag: "b12-5ed8d6f1d677c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 838
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2
34.125.198.6200 OK 479 B URL HTTP/1.1 ercaws.com/wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 5850a4d6be478b5a5c29526a957840c4
1854bff2c967f028cf8c1f53b3c7878fb605e329
654a9a69300dd841ea2bc14d36c346377cee298b126463cc844fb26929260843
GET /wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:28 GMT
ETag: "346-5eeaa39fdd734-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 479
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1
34.125.198.6200 OK 2.5 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (8169), with no line terminators
Hash daa47d2e3e95fd559a8e8b55bb5e0fc4
80890ad053eba31d5cd6e1dc01a6af48c3581457
c7784aeb52daf95ef1fd3dce9fd5890a0b873ccf2d959be8f37b3176d9a589e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1fe9-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2484
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b
34.125.198.6200 OK 1.6 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (4507)
Hash f80c5566694d035722629f262d5477e3
fee1e291de68f347e3c32e61edcb1d4a79cbd7fe
a188fa91f1cd0723fb45379b0ca3ec73d46c1376f1bf6a69564952759c1edaa3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "11c1-5ee557aba33b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1636
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49
34.125.198.6200 OK 3.8 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash afaf7055b7ce023d7af69e2cc7911093
fcae37dbd631bf34240dd89bf32ef7bd5967b783
5d539710eae2bb8dd85955712403c21b83cd8ba55f5b1cda55c22da1b9245dd5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "2587-5ee557aba33b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3771
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1
34.125.198.6200 OK 480 B URL HTTP/1.1 ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (867), with no line terminators
Hash 747a25813705e6cb7089f28d82c6b60f
d4311f83aabe9d3b98df34b91c6c6f2066c141c8
459873601e832bef8af96502625bd8fec2b5958c73326da2b8e364b0501b4bff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:14 GMT
ETag: "363-5ed8cd1cbc2d6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 480
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1
34.125.198.6200 OK 865 B URL HTTP/1.1 ercaws.com/wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1680), with no line terminators
Hash e484a499a1b9fa097844b111eb195e35
3572d4af98ab553b4ab54f6e4d4ae57bfd0e4f3c
893c9f1725458ea13ca26ca28a641ae0b1e1a8ad6c0955b5d9421a70ceb083d1
GET /wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:14 GMT
ETag: "690-5ed8cd1c70fb6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 865
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1
34.125.198.6200 OK 4.2 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (14869)
Hash 1fcdd9935a66511c3b8069495af248e3
b0e375ac95b547b3bb6ce74cd1bcc505ffc2281d
4a741209fc122872cb5ae018a5870d70848a616fa98eb4289ad78cec986ec282
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:49 GMT
ETag: "3acf-5ed8cfec83ac7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4205
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0
34.125.198.6200 OK 1.2 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (4308), with no line terminators
Hash d83aedf99d3bdc9fde5de1753c320ba1
e5d7c90b4b921e368ffc6d2cbfae2264b5b4f9fa
bfed8658f870445ed0f6f46340b6047657f8e5fd249f6b1f07c4dac36bf84e7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:23 GMT
ETag: "10d4-5eeaa39aca9f9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1221
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ercaws.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
34.125.198.6200 OK 2.6 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:59 GMT
ETag: "4824-5ed8cff5e603d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2592
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Syncopate:400%7CJacques%20Francois%20Shadow:400%7COswald:400%7CQuintessential:400&subset=latin&display=swap&ver=1669839874
142.250.74.106200 OK 10 kB URL HTTP/2 fonts.googleapis.com/css?family=Syncopate:400%7CJacques%20Francois%20Shadow:400%7COswald:400%7CQuintessential:400&subset=latin&display=swap&ver=1669839874
IP 142.250.74.106:0
File type ASCII text, with very long lines (32033), with CRLF, LF line terminators
Hash 3f6502a9dbe9fa6062bb3510566b4ca3
4211675913ba0489d20e531569148f4b667db133
fb64e9d9d4800f9a5413aa67da6eb8f15e9c405dcf18b427e1dea87c55529013
GET /css?family=Syncopate:400%7CJacques%20Francois%20Shadow:400%7COswald:400%7CQuintessential:400&subset=latin&display=swap&ver=1669839874 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1
34.125.198.6200 OK 1.4 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with CRLF line terminators
Hash 9dc331aa18fccf2b0e2e52e1e7d60691
a2770ba627228ab36d47a39d4a037a39efae37a7
699319721e332c7f0461d5e2dafab3fb485b09e4037dd2b96f12aa3d5a2d0c91
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:42:37 GMT
ETag: "e8c-5ed8d6cec5e9f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1350
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
34.125.198.6200 OK 2.9 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:40:59 GMT
ETag: "26d1-5ed8d67167984-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2937
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/cloudsflaring.js
52.95.162.45200 OK 17 kB URL HTTP/1.1 suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/cloudsflaring.js
IP 52.95.162.45:0
File type ASCII text, with very long lines (17031), with no line terminators
Hash 33100f2355611b2375f05486299abf05
0b2d1b75f6695e67b884bee2eb72165d6e881a26
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
GET /ANDYTIME/js/cloudsflaring.js HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Yv9q7PjbiUYuHJUbgCLRHJaNDHMKVETZJN4wZro78rO3/55KYi0smPKx3q/ki7P7UKdWWiRn3Vg=
x-amz-request-id: BQMQJWE1RR355C70
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Wed, 16 Nov 2022 03:01:29 GMT
ETag: "33100f2355611b2375f05486299abf05"
x-amz-version-id: Z3e2qvxseEm36Aa13HK4URg1nBAD1kMH
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 17031
ercaws.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
34.125.198.6200 OK 4.0 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:40:59 GMT
ETag: "3016-5ed8d671a6184-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3957
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519
34.125.198.6200 OK 982 B URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (2382)
Hash 2502bc85936b1194cdc9915dd84de9fa
3e487681ce8fc9c84af9bbf18d5681bff14983f0
28830445211d1f8e39ef227c331293b254ecc774de7793be33633b66987d0cd0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "975-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 982
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf
34.125.198.6200 OK 324 B URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (422)
Hash 70563ca72bf48c061219d092600fedd1
95965836b0c0bd6c42c80fe15b5c8842ad36b310
c80f2dc654c1d01914413b7131469e02bb7cb67524caa83264ed2420452d14c3
GET /wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1cc-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 324
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0
34.125.198.6200 OK 2.1 kB URL HTTP/1.1 ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (648), with CRLF line terminators
Hash b0ec8a7a8610114cbe8b443cb537cdb3
ed8726784ab858d2295b60aca5ed7545c2992b70
0bf866af83fedb7cce8b4a6253c215147b3d34addd6d50abff3567433f2a43b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/erlinews/js/general.min.js?ver=1.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:05 GMT
ETag: "15be-5ed8ccdb46617-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2083
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/syncopate/v19/pe0sMIuPIYBCpEV5eFdCBfe_.woff2
142.250.74.163200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/syncopate/v19/pe0sMIuPIYBCpEV5eFdCBfe_.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 32344, version 1.0\012- data
Hash db4110c4dae8b7ae8def81317425cd3d
7daee4845ac4cd064c8887d5d8da7b27120c6530
b57f964dfec15bc7e94db5c8930e02d2f4031c284a8e852b23b81a29450dbd14
GET /s/syncopate/v19/pe0sMIuPIYBCpEV5eFdCBfe_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:44:24 GMT
expires: Wed, 29 Nov 2023 23:44:24 GMT
cache-control: public, max-age=31536000
age: 208504
last-modified: Tue, 19 Apr 2022 19:27:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/syncopate/v19/pe0pMIuPIYBCpEV5eFdKvtKqBP5v.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/syncopate/v19/pe0pMIuPIYBCpEV5eFdKvtKqBP5v.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17432, version 1.0\012- data
Hash 12d6883a7520aa52e3f811fec96043e1
a230d34332158e1414a360efaae0ecd01c4fa5ef
8a462650535a7d255dd037dc3ca7eefde4b2b988bb110736290dbd7b74a83fea
GET /s/syncopate/v19/pe0pMIuPIYBCpEV5eFdKvtKqBP5v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:24:24 GMT
expires: Thu, 30 Nov 2023 18:24:24 GMT
cache-control: public, max-age=31536000
age: 141304
last-modified: Tue, 19 Apr 2022 19:28:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1
34.125.198.6200 OK 4.7 kB URL HTTP/1.1 ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1034)
Hash f27a137472f5d9b36facd92fcd4d259a
e335330bb4f7ac1f6459dfde939d65960591fcb2
ba23273080de56b99d3500cb1ff97249c2fefd3039007b0724390f40b1ea9faa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:52 GMT
ETag: "4705-5ed8cd07fe9cb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4689
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:14:39 GMT
expires: Tue, 28 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 303889
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ercaws.com/wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2
34.125.198.6200 OK 17 kB URL HTTP/1.1 ercaws.com/wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document, ASCII text, with very long lines (43622), with CRLF line terminators
Hash 50ed5d1a904547e62b70fc22f31a884d
bbdba6789e15f56a35f1551766c5d338d1900a4a
49a5cce9921fd29231dd2c480dda65d3d3c6e2ac896e23d39f1978363d130580
GET /wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:21 GMT
ETag: "117c1-5ed8cce9c4569-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17088
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2
34.125.198.6200 OK 2.8 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (367), with CRLF line terminators
Hash 021d5a776aa2cfbec2286966bd941107
a9b3140071b94301baf6e13e0a964df05ff76e7a
044422911345e9187324a2160db435ac4577165ff47904bdc825dfd59ce316a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:43:09 GMT
ETag: "39af-5ed8d6ed8dca1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2804
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c
34.125.198.6200 OK 3.6 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (7366)
Hash 3402aecb395ae3434d2b5cf6f9e262ce
62ca18fd4b0261d4875fb6df5003c5acb26dedbb
65823b3a99fab08618f0dda8406f83488924c97509513d2ab6b96895685843d3
GET /wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1ecf-5ee557ab91a70-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3613
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a
34.125.198.6200 OK 2.3 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (5195)
Hash ccbad6f98e42f23a700b6b0c5071b83b
0ec6495d6ee95e663b4f86ebd76bb6df43a47dae
fefcf2ab0837842c548f7edad97be4665c9ad4e1944bb1192cccd8f3374a88d8
GET /wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1471-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2262
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
34.125.198.6200 OK 3.1 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d267bd35ccf6033cb8e9837358eb9856
a3497f6e883b3ad6d7c24241d8cf27a12b207b18
7b085d8f0972e8a90636d785ea53496c27bd7b73335aafd6003d847a835d8e7e
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 15:27:16 GMT
ETag: "29ed-5e9be654a9d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3086
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0
34.125.198.6200 OK 3.9 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (12967)
Hash bfc2a3cf51e05a3b7a85474e22002a91
131d9b0d15174f362c7c3c32db2b0749ad2aa158
9331da57c96a8c1fb3b6205c7638b0df436626c56745b3bc4e126fa4f354c5c7
GET /wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:23 GMT
ETag: "330c-5eeaa39aca9f9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3912
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
34.125.198.6200 OK 2.2 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (4918)
Hash 5623a2e2bcaeb031c1a782030f1b14f9
c46b7389cb2839e47558c2d417d89169048b8031
cbe16e1c67c55ba8e9fc2363728b933f3ef2f1af411a1febbbe565e6363bfd5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:13 GMT
ETag: "135d-5ed8d0033730e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2194
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/erlinews-addstyle.css
52.95.162.45200 OK 95 kB URL HTTP/1.1 suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/erlinews-addstyle.css
IP 52.95.162.45:0
File type ASCII text, with very long lines (448), with CRLF line terminators
Hash 695b3ff6d8a176c7a7fc2dae482fca24
3ae60f7030ca2b342e66e42254927e3f1360e0bc
02e989b22641b4520038ac067676a5bc61068ff15be4ee0ac119fce795f4e052
GET /ANDYTIME/css/erlinews-addstyle.css HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FqEil8s+JlohsewC8zHlrGBZ+l4qBU8jdTfkt0qZgHpAvJWMgmDKc2gt24E++mQXhW16kP6WKbs=
x-amz-request-id: BQMXEF419PNF00A0
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 11:10:06 GMT
ETag: "695b3ff6d8a176c7a7fc2dae482fca24"
x-amz-version-id: BO1ROUnS2uwYPwfMmpMVCnpwfmJjBJPE
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 94869
ercaws.com/wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2
34.125.198.6200 OK 59 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (28322)
Hash 2630cb01119489c4685bbaadebc9751c
858253ca3b58918343a2e5f620e42b39369714b1
dc1f72ba709619c38dcbf5e958aee2858a6af633bfd992a57234bb81e6df84e7
GET /wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "37ef5-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
34.125.198.6200 OK 11 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash f2cf4b8cf6fd44b62dc73e5e480fc684
53cecab8767410c3f2acdeef147e62a5733db1d2
5c31c8633b4099e2e0f8aec7f4c1f6fa84539a2043545296200bc8d47778a4db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:07 GMT
ETag: "80b3-5ed8cffdedad4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10752
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2
34.125.198.6200 OK 84 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4665e06591e1f754f24b7868f59e6c6e
71ab45805011f71ce65a76561043bee04e7410c5
e50dde96757bb308d972e194fe9afd884493fdd311d864bad26970b30ab5e032
GET /wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "4e480-5edc49a937fb4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
34.125.198.6200 OK 3.0 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:39 GMT
ETag: "2fa6-5ed8cfe319851-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2993
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1
34.125.198.6200 OK 1.1 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2620), with no line terminators
Hash 366a9c35bbef9fea7021f6b1b56cf8d0
18feab78c61c6e8261db364d6681a9633041e837
b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:40 GMT
ETag: "a3c-5ed8cfe40caf0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1139
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
34.125.198.6200 OK 3.4 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (10544)
Hash 88f71137b2a89a53df46cdb4deeb4e3d
426e12f0e8712db20afd2c54e77e1384074f3181
591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:58 GMT
ETag: "29ba-5ed8cff4d1a5e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3446
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
34.125.198.6200 OK 12 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (40474)
Hash cdc93088cc6a33163d5501beeb7e2f34
7bff6d832259f16631f6e3a86c2aded975ffe51f
d1546274f50a7f5170799dfc32fa05297fbeb7d63205fd3f38679de0b77c03da
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:07 GMT
ETag: "9e41-5ed8cffe2d274-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12045
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
ercaws.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1
34.125.198.6200 OK 13 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (43101)
Hash ba8651f8b75f8f4904bfb98feb3a05f9
2b5717c8fee860602ea848af927362ae6d337dff
16f68830fee46a748674c3985f70fda02147d3c79b2c3767909117725cbb9b81
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:10 GMT
ETag: "a884-5ed8d000bc6d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13120
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/style.css
52.95.162.45200 OK 104 kB URL HTTP/1.1 suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/style.css
IP 52.95.162.45:0
File type ASCII text, with very long lines (492)
Size 104 kB (104239 bytes)
Hash e36d134cbea996d3de8ab018a80637a4
b87bcea47410ba3bb578652d43f598e8cbf6cc2c
8d0b567a873a195677ff60eb0572a0ca5de60c81140e37020f9903cffbb870d4
GET /ANDYTIME/css/style.css HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: S2T1whLms0CfTOOpFuUGG5KLvLtMmjqZrccGsho0of19MU+VDwvfAgRvL4osGiiA9XaMO1ht4P4=
x-amz-request-id: BQMHC1C4R5XZSHG1
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 11:10:07 GMT
ETag: "e36d134cbea996d3de8ab018a80637a4"
x-amz-version-id: wBihXfvyUd4KA93H0ZjcdICHrVdYtK6A
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 104239
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js
192.0.77.37200 OK 3.1 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (8281)
Hash bd88e76ae29c7192aa508ead47e1b662
da4c99f65a538018c35dd92598d42235c7a60ced
8a7b40eb6d5acaf0cf74e558c5dcf15ba252dcab24296c78963e2cd36334866e
GET /c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-WE60NPT82J>m=2oebu0&_p=1717614139&cid=1314831951.1669973966&ul=en-us&sr=1280x1024&_s=1&sid=1669973966&sct=1&seg=0&dl=https%3A%2F%2Fercaws.com%2F&dt=Egregious%20and%20Retaliatory%20Center%20for%20Investigations%20and%20Press%20Release%20in%20the%20ongoing%20Amazon%20Corporate%20Retaliations%20Campaign%20*%20Egregious%20Retaliatory%20Center%20for%20Research%20and%20Development%20Publications%20via%20Amazon%20Dev%20Center%27s%20ongoing%20Corporate%20Retaliation&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-WE60NPT82J>m=2oebu0&_p=1717614139&cid=1314831951.1669973966&ul=en-us&sr=1280x1024&_s=1&sid=1669973966&sct=1&seg=0&dl=https%3A%2F%2Fercaws.com%2F&dt=Egregious%20and%20Retaliatory%20Center%20for%20Investigations%20and%20Press%20Release%20in%20the%20ongoing%20Amazon%20Corporate%20Retaliations%20Campaign%20*%20Egregious%20Retaliatory%20Center%20for%20Research%20and%20Development%20Publications%20via%20Amazon%20Dev%20Center%27s%20ongoing%20Corporate%20Retaliation&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-WE60NPT82J>m=2oebu0&_p=1717614139&cid=1314831951.1669973966&ul=en-us&sr=1280x1024&_s=1&sid=1669973966&sct=1&seg=0&dl=https%3A%2F%2Fercaws.com%2F&dt=Egregious%20and%20Retaliatory%20Center%20for%20Investigations%20and%20Press%20Release%20in%20the%20ongoing%20Amazon%20Corporate%20Retaliations%20Campaign%20*%20Egregious%20Retaliatory%20Center%20for%20Research%20and%20Development%20Publications%20via%20Amazon%20Dev%20Center%27s%20ongoing%20Corporate%20Retaliation&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://ercaws.com
date: Fri, 02 Dec 2022 09:39:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?fit=1250%2C100&ssl=1
192.0.77.2200 OK 2.9 kB URL HTTP/2 i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?fit=1250%2C100&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5768d4915eab3d21d8ed43fa865eac05
f7a2e820276f4dec081c3179374b20b274e16537
bfe17647f978b6d4fbc6dcd7232d187770968b5142253d32840fb8c6d4fd9cff
GET /ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?fit=1250%2C100&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 2910
last-modified: Thu, 01 Dec 2022 22:51:34 GMT
expires: Sun, 01 Dec 2024 10:51:34 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "0d126b95052072f3"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/ercawsg4.js
52.95.162.45200 OK 228 kB URL HTTP/1.1 suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/ercawsg4.js
IP 52.95.162.45:0
File type ASCII text, with very long lines (25492)
Size 228 kB (228095 bytes)
Hash d597bb1c362e84bafa57a28d0ed196a7
4d96128a38d2e1628b214cd0de3c796505b19c58
6617b0aa9da229c29f421d8f6dddaf8e1d9876863105a66a272d6d64368fa388
GET /ANDYTIME/js/ercawsg4.js HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: I66IcKBoTEcpb+Gy6PjiX0XjUt1fVDDenMesJvhlQYBU1gTrzfI3gQIVPrv2I+M7VznnFrNyb3E=
x-amz-request-id: BQMTZBEJP0QSAQ92
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 14:35:16 GMT
ETag: "d597bb1c362e84bafa57a28d0ed196a7"
x-amz-version-id: .O6jh0EqMGa07.sroIOok6_nN8fQbbWG
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 228095
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/FGP.js
52.95.162.45200 OK 227 kB URL HTTP/1.1 suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/FGP.js
IP 52.95.162.45:0
File type ASCII text, with very long lines (25381)
Size 227 kB (227442 bytes)
Hash 50c3cf301af0cbc631ee4154a30d8066
69a65640d1f383244a1a3008de3853924921a15b
0534977781a48c11cdbd52a591dcb6cc9763fe31820f34a997d15baaea80786a
GET /ANDYTIME/js/FGP.js HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: KJBRmPdq+Vb26CGtuZmmfSFUbGckNFKKPRkkFGqFa7UHka8Hl/N7ESuCMptCvbR70I+g2yVvhMk=
x-amz-request-id: BQMX18BKCVS0JAAK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Sun, 06 Nov 2022 04:49:33 GMT
ETag: "50c3cf301af0cbc631ee4154a30d8066"
x-amz-version-id: 59GXm1rcLYcxJ5HZ9QvVFZDP9.LW58ns
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 227442
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
34.125.198.6200 OK 77 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:50 GMT
ETag: "12d68-5ed8cfedb0746"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 14:07:32 GMT
expires: Thu, 30 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 156716
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:53:49 GMT
expires: Thu, 30 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 139539
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:08 GMT
expires: Thu, 30 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 137120
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEY22_CrdZJ.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEY22_CrdZJ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21396, version 1.0\012- data
Hash c4bbbdc1763c1c6d17d5839e95b5446d
ef7fc81754b7af13a3a9c2c37af76830043b566c
874cc7196b007e01a00c347039117d759fa88747384d4add0c7a4d6e92dd125f
GET /s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEY22_CrdZJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:06:01 GMT
expires: Thu, 30 Nov 2023 19:06:01 GMT
cache-control: public, max-age=31536000
age: 138807
last-modified: Tue, 19 Apr 2022 18:52:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
34.125.198.6200 OK 22 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 4ee7969ed0b27cfdfa176782a44af254
3078d8a5194d500709584effb07b0595f0a8d953
280d8155a402144e64924c1054936c0b67c5358d8a13b5ed65c6a12348d00c25
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:39 GMT
ETag: "21f91-5ed8cfe3a4311-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35491
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:51:10 GMT
expires: Thu, 30 Nov 2023 19:51:10 GMT
cache-control: public, max-age=31536000
age: 136098
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:56:18 GMT
expires: Thu, 30 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 139390
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:53:39 GMT
expires: Tue, 28 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 312349
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg?fit=1250%2C100&ssl=1
192.0.77.2200 OK 3.7 kB URL HTTP/2 i0.wp.com/ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg?fit=1250%2C100&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 213x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63c54ffb06cb2993f945d37cf6b9e48d
b132cab0dcbf06d4a8be649b871e97b38925a276
836b53eb1a171603abd234b0005ad1f53b04bb49d91c307d7ba9c9a671ba882c
GET /ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg?fit=1250%2C100&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 3692
last-modified: Thu, 01 Dec 2022 17:55:18 GMT
expires: Sun, 01 Dec 2024 05:55:18 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "018669754290d736"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/gtranslate/gtglobe.svg
34.125.198.6200 OK 6.5 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gtranslate/gtglobe.svg
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (6096), with CRLF line terminators
Hash d00f0dac15b45bdd1c42a6617a116279
135fe1d19bc45581318afcd8ceee480343e3a40f
33b904cd2bd9a5826ae66e27aad776396dea95934c78f8561b0e213ee7a4d9df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/gtglobe.svg HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:31:46 GMT
ETag: "1965-5eeaa423a4c52"
Accept-Ranges: bytes
Content-Length: 6501
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/svg+xml
i0.wp.com/d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png?fit=1250%2C100&ssl=1
192.0.77.2200 OK 15 kB URL HTTP/2 i0.wp.com/d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png?fit=1250%2C100&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f0bc137f732c5d90a54546c58373d215
f2fdb4efa40e067cc60fd249a74c0cb6cac68e2b
1cd2c47d1cecc494a339fc918a8668a17865ccd01e9b551b13911a6ae24ad525
GET /d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png?fit=1250%2C100&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 14578
last-modified: Wed, 30 Nov 2022 22:00:34 GMT
expires: Sat, 30 Nov 2024 10:00:34 GMT
cache-control: public, max-age=63115200
link: <https://d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png>; rel="canonical"
x-content-type-options: nosniff
etag: "8580f317660bf113"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=211658399&post=87044&tz=-6&srv=ercaws.com&j=1%3A11.5.1&host=ercaws.com&ref=&fcp=3365&rand=0.6051160630546075
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=211658399&post=87044&tz=-6&srv=ercaws.com&j=1%3A11.5.1&host=ercaws.com&ref=&fcp=3365&rand=0.6051160630546075
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=211658399&post=87044&tz=-6&srv=ercaws.com&j=1%3A11.5.1&host=ercaws.com&ref=&fcp=3365&rand=0.6051160630546075 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/ercaws.com/wp-content/uploads/2022/10/selipskyjap.png?resize=150%2C150&ssl=1
192.0.77.2200 OK 24 kB URL HTTP/2 i0.wp.com/ercaws.com/wp-content/uploads/2022/10/selipskyjap.png?resize=150%2C150&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a3f8e7de210c0316d604384a984698d8
21035660fd86b7d64600bdda8d7babb3158f76dd
6952c5b734df94b7c6ae0756715fafb41092962e21f088fb7d007080b7c45842
GET /ercaws.com/wp-content/uploads/2022/10/selipskyjap.png?resize=150%2C150&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 23934
last-modified: Wed, 30 Nov 2022 21:54:56 GMT
expires: Sat, 30 Nov 2024 09:54:56 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/10/selipskyjap.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0577fc3f2957a21d"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?resize=912%2C912&ssl=1
192.0.77.2200 OK 79 kB URL HTTP/2 i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?resize=912%2C912&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 912x912, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f680d3fc2083c3802c4304aec52210ed
8d2091a698ad49e3e67d3ae0968732d42159532c
947eda1735c61dacfad32cde136a5ff6e6facedc07a91abadf025d8198a42797
GET /ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?resize=912%2C912&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 79142
last-modified: Thu, 01 Dec 2022 22:51:34 GMT
expires: Sun, 01 Dec 2024 10:51:34 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "3f402fe4fc2fbdd5"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2
34.125.198.6200 OK 14 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 13548, version 331.-31392\012- data
Hash 4a74738e7728e93c4394b8604081da62
fb9648469530a05fa9aac80e47d4d6960472a242
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "34ec-5edc49a9350d4"
Accept-Ranges: bytes
Content-Length: 13548
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/woff2
ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2
34.125.198.6200 OK 45 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 44720, version 1.6553\012- data
Hash 1cd48d78f06d33973d9d761d426e69bf
718dd740e8340888352129e592fed085409e891e
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:15 GMT
ETag: "aeb0-5ed8cd1e16db5"
Accept-Ranges: bytes
Content-Length: 44720
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
192.0.77.37200 OK 6.3 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 74094ad225231604e8465186a0559e7d
e61965cec2001573a127724c2686ef30de7e2942
b49a311c6b9b77b55fd11a35bb867bcca132e29584185b891a68c910a848ab18
GET /c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
34.125.198.6200 OK 13 kB URL HTTP/1.1 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966; _ga_4VQ4C22FGP=GS1.1.1669973967.1.0.1669973967.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:46 GMT
ETag: "33dc-5ed8cfea0bd6a"
Accept-Ranges: bytes
Content-Length: 13276
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: font/woff2
ercaws.com/wp-content/uploads/2022/11/erc-logo-6000.png
34.125.198.6200 OK 3.1 MB URL HTTP/1.1 ercaws.com/wp-content/uploads/2022/11/erc-logo-6000.png
IP 34.125.198.6:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 11400 x 6000, 8-bit/color RGBA, non-interlaced\012- data
Size 3.1 MB (3059671 bytes)
Hash a3c97f59148861150c4a072b861d5844
b8bdfc9a43cb327ae17bbc44fc5357252f9012e5
6be9f8fae393914a1736c852c05400871cda65d6511e04b5c823ecaa9cfa2581
GET /wp-content/uploads/2022/11/erc-logo-6000.png HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 16:18:54 GMT
ETag: "2eafd7-5eeb275f98f1f"
Accept-Ranges: bytes
Content-Length: 3059671
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
secure.gravatar.com/avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g
192.0.73.2200 OK 86 kB URL HTTP/2 secure.gravatar.com/avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g
IP 192.0.73.2:0
File type PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c280b693b8d47e4f725fc52ee3f4b3e
c79e8185fa98dc4b1e6fc8c5e1a43ad806597e7c
78db6309ffd38ad5f2aea862292135336d4b632a74fea17790848b19e968d9c4
GET /avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:29 GMT
content-type: image/png
content-length: 86220
last-modified: Tue, 18 Oct 2022 21:19:18 GMT
link: <https://www.gravatar.com/avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="7645289731d8ebc042f446d118ef2496.png"
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 09:44:29 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3e13fc4da2d3a0453c48b0a29fbc0798
c069a249e08ccd86d688357dc52747aaf9a4d714
5635b661780991fff42b70d0c1a84c0327ad537ce46344d358d35f82d5bfaee2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5635B661780991FFF42B70D0C1A84C0327AD537CE46344D358D35F82D5BFAEE2"
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Fri, 02 Dec 2022 15:39:01 GMT
Date: Fri, 02 Dec 2022 09:39:29 GMT
Connection: keep-alive
i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=192%2C192&ssl=1
192.0.77.2200 OK 35 kB URL HTTP/2 i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=192%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash de386af25b179b6bc249daa0b1622eb8
82f003a0520387c078b3ecabeb72f00ec576f0c2
dcbcda4e30196434b2b35c1f7027740ff17888b52d78d3f053ca89b32bf5314b
GET /ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:29 GMT
content-type: image/webp
content-length: 35172
last-modified: Thu, 01 Dec 2022 10:50:30 GMT
expires: Sat, 30 Nov 2024 22:50:30 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "d7af483ed6bd9463"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=32%2C32&ssl=1
192.0.77.2200 OK 2.3 kB URL HTTP/2 i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ba6ac8b7934523f8059d242e8deed7c1
c3f9886c9e4998236d3794654d1b69d66f8a49eb
3884712e5eedf492cea4b018230e40828518630bd577aed93beac9d195871b25
GET /ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:29 GMT
content-type: image/webp
content-length: 2338
last-modified: Wed, 30 Nov 2022 21:52:18 GMT
expires: Sat, 30 Nov 2024 09:52:18 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "c6c84afdc815e538"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 203
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:29 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 08:46:55 GMT
expires: Fri, 02 Dec 2022 10:46:55 GMT
cache-control: public, max-age=7200
age: 3154
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:29 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ce9bb4656de0fb3edc54136d631bf5e1
95680f8722fba6e609b77df13566cf572de0183d
9a770b0fe4765e62e69c85565ccd057952fb54d078fb9ddb7732d2199f241bb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 313
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "63899e60-117"
Last-Modified: Fri, 02 Dec 2022 09:34:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ce9bb4656de0fb3edc54136d631bf5e1
95680f8722fba6e609b77df13566cf572de0183d
9a770b0fe4765e62e69c85565ccd057952fb54d078fb9ddb7732d2199f241bb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 313
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "63899e60-117"
Last-Modified: Fri, 02 Dec 2022 09:34:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 008d73afe4b0c9173762e808e60a25b4
3667c94f1fb3ac84426306c33e42e977ea1c8f5f
8cb7e87e8a4a09cace36dbc160197bf46a0de5e2a192435616acfa8fa8e973b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:30 GMT
Last-Modified: Fri, 02 Dec 2022 07:51:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313
cloudflareinsights.com/cdn-cgi/rum
104.16.57.101204 No Content 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.16.57.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 42995
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Dec 2022 09:39:30 GMT
access-control-allow-origin: https://ercaws.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 773318814914b4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
hopelessness.awslegal.us/d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_4dF2mc1WKS0ftWSEz6HYksTT89UH6eIkTHXtrN3lyEQHTNUfCzNA5bZbdJTx9c1NPy7JkbagmGSjNyl6ualQT6eCOiL90n-NmrEDk8wfAvPJo8q2AofDCwkkEajgmPGDupvCb_XdtYi--C5qJAbot98o954c3p5epQXsA2l637YrJBdvMSH2S
35.163.237.190200 OK 43 B URL HTTP/1.1 hopelessness.awslegal.us/d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_4dF2mc1WKS0ftWSEz6HYksTT89UH6eIkTHXtrN3lyEQHTNUfCzNA5bZbdJTx9c1NPy7JkbagmGSjNyl6ualQT6eCOiL90n-NmrEDk8wfAvPJo8q2AofDCwkkEajgmPGDupvCb_XdtYi--C5qJAbot98o954c3p5epQXsA2l637YrJBdvMSH2S
IP 35.163.237.190:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Analyzer Verdict Alert fortinet Phishing
GET /d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_4dF2mc1WKS0ftWSEz6HYksTT89UH6eIkTHXtrN3lyEQHTNUfCzNA5bZbdJTx9c1NPy7JkbagmGSjNyl6ualQT6eCOiL90n-NmrEDk8wfAvPJo8q2AofDCwkkEajgmPGDupvCb_XdtYi--C5qJAbot98o954c3p5epQXsA2l637YrJBdvMSH2S HTTP/1.1
Host: hopelessness.awslegal.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: image/gif
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
Set-Cookie: GMassUniqueID=2481c21c-69e4-4e13-9cc1-651554df20ba; expires=Sun, 21-Sep-2026 03:40:10 GMT; Domain=gmass.co; path=/; SameSite=None; Secure
GMassAffiliateID=; expires=Sun, 21-Sep-2026 03:40:10 GMT; Domain=gmass.co; path=/; SameSite=None; Secure
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Date: Fri, 02 Dec 2022 09:39:25 GMT
Content-Length: 43
syndication.twitter.com/settings?session_id=137b966f0d0180528f639d68cac5fb5934561b1a
104.244.42.8200 OK 374 B URL HTTP/2 syndication.twitter.com/settings?session_id=137b966f0d0180528f639d68cac5fb5934561b1a
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
GET /settings?session_id=137b966f0d0180528f639d68cac5fb5934561b1a HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:29 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 02 Dec 2022 09:39:30 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: e8a03bf7fc3df067
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 106
x-connection-hash: 0531d28975259bc07295904bbd5134f31e5af76e61293832dcf7d285eb16aac3
X-Firefox-Spdy: h2
platform.twitter.com/js/tweet.495a42551da1e5c4c5171224e18a5a07.js
93.184.220.66200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/js/tweet.495a42551da1e5c4c5171224e18a5a07.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7473), with no line terminators
Hash b437d583e8ec0d5b1b8cbbbe6ce8e6fb
42b010476cbec98ac0ccc2bbdbb6edf0720841a0
f2533975b6a0efb4414f3724ff6bbbdc0da6a3e0e73c16b7313635a3ee62a06c
GET /js/tweet.495a42551da1e5c4c5171224e18a5a07.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "090b14bdcf073940eb641311b50eb08d+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2619
platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
93.184.220.66200 OK 345 B URL HTTP/1.1 platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (345), with no line terminators
Hash d5091670b69b1b059fef0bd7d29c6ea2
310d87ba4dbb762da90db7c7c621b74541b310b6
cf56fd75d5f405fba1fcc9c05b4ef79e8302b89b0713df0ee04a94101438682b
GET /embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 514
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "d5091670b69b1b059fef0bd7d29c6ea2"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 345
platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
93.184.220.66200 OK 345 B URL HTTP/1.1 platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (345), with no line terminators
Hash d5091670b69b1b059fef0bd7d29c6ea2
310d87ba4dbb762da90db7c7c621b74541b310b6
cf56fd75d5f405fba1fcc9c05b4ef79e8302b89b0713df0ee04a94101438682b
GET /embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 514
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "d5091670b69b1b059fef0bd7d29c6ea2"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 345
platform.twitter.com/embed/embed.runtime.485c27f9e5e27d54d810.js
93.184.220.66200 OK 4.2 kB URL HTTP/1.1 platform.twitter.com/embed/embed.runtime.485c27f9e5e27d54d810.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (9477), with no line terminators
Hash 711baf219ec65ea5e3c39c1e379290e1
b4f75e0e129406d086a76091eabb558d614f4349
081f26d9273f83547c014c6cda80b8f0e5433c4a8f156c9bab2349bf78a0ed03
GET /embed/embed.runtime.485c27f9e5e27d54d810.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "ad6866429f67a17b67a1a2c2074558da+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 4194
platform.twitter.com/embed/embed.Tweet.9322608e67b7ed28d6a5.js
93.184.220.66200 OK 6.8 kB URL HTTP/1.1 platform.twitter.com/embed/embed.Tweet.9322608e67b7ed28d6a5.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (17945), with no line terminators
Hash 67b48f74c7b0979d35a739da48dd1e0c
f49dd2cbbb6dcfe1ba507bc9b194762b56d08387
81f8be926c4a6c6fe61f649c8f4c2ad61d12ea15c40aaae8e7767e60103ed2b8
GET /embed/embed.Tweet.9322608e67b7ed28d6a5.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "3e76826422814815e69455c94a8a55ee+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6810
platform.twitter.com/embed/embed.7796.9998e0c1f229690b022c.js
93.184.220.66200 OK 178 kB URL HTTP/1.1 platform.twitter.com/embed/embed.7796.9998e0c1f229690b022c.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65447)
Size 178 kB (177569 bytes)
Hash 6a94fbf5dde24ff667a86dc6fd1f7a39
9b70f26f426766e3f60d78c4471125f3446a1098
780705c3ae740b1bd6560b966cdf8ff945299b49617c46ca45202d12ceae3328
GET /embed/embed.7796.9998e0c1f229690b022c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "91d4ffc30ea3fdac95031ed78df9342d+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 177569
platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
93.184.220.66200 OK 6.8 kB URL HTTP/1.1 platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (19697)
Hash f94d48bbbe6a31407ade7d7ccd3aece2
45b97d1ba2353704f853228b7407239245bf2bfe
6ca3f2658a10c59cc6dc5eb763d5f0efece78f7f080ffd82504d686bb284a6ca
GET /embed/embed.749.467388cca0b3fe9c3291.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6789
platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
93.184.220.66200 OK 1.5 kB URL HTTP/1.1 platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (3858), with no line terminators
Hash 804592c1f044395409edf30bae7c5d9e
58b0e905ef73a66dd7cb908d6a4e09944b2d990e
d1de1e25cae27e9d74f3dc687293611633cec4bb9fd8be9b32a33daa2934803d
GET /embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "9b4625539e420d3aa9e7164c41134250+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1519
platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js
93.184.220.66200 OK 11 kB URL HTTP/1.1 platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (36252)
Hash 418e03178698f2e9b42f1e74af562ed8
3e5cc0ea0c65c395a9ec440f946f7df9151e48df
578369592fa62a7468b7343bbcca50cf60896cffd7a3b100f5593b6da43a3dd8
GET /embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "7e00685696fb67fc183a52902e1e0152+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 11370
platform.twitter.com/embed/embed.ondemand.Tweet.729f47795b687a372bb8.js
93.184.220.66200 OK 18 kB URL HTTP/1.1 platform.twitter.com/embed/embed.ondemand.Tweet.729f47795b687a372bb8.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash c1e69d3118346ea2e9e77af638acf2e3
623faaa8fc6200e27c3d97c7879983a2a1aee75c
4efc8fb6da2a116344180f8b311e99c9784f147a6b75750461cf4067516cfaa2
GET /embed/embed.ondemand.Tweet.729f47795b687a372bb8.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "f746145cf62856ee8c49dce22284232f+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 18399
platform.twitter.com/embed/embed.8734.99512c4cbfe74f88ce1b.js
93.184.220.66200 OK 68 kB URL HTTP/1.1 platform.twitter.com/embed/embed.8734.99512c4cbfe74f88ce1b.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (65446)
Hash 4ce0b2d8fd3e1faf31dd0f45c30ac9d0
bc814673a3db39729d94ce711ac3b6f8c585740d
91b7a542168b8b670b4899177dacfb4ecec4801629a398cd2b522e21288cb517
GET /embed/embed.8734.99512c4cbfe74f88ce1b.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "9f88284fca343c40329bd4316da52c58+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 68244
cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592675994561048581&lang=en
93.184.220.70200 OK 1.8 kB URL HTTP/2 cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592675994561048581&lang=en
IP 93.184.220.70:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7156), with no line terminators
Hash 03f34abacfe985029bcc8f70a28037d4
b75641a4ec4bf31554c841c7b43b41926828f96b
bb75a95c8a40921ca629606c5061957c3c6d1780c8c0b763c1e01ddbc2c148e1
GET /tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592675994561048581&lang=en HTTP/1.1
Host: cdn.syndication.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://platform.twitter.com
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-contol-allow-origin: platform.twitter.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 09:39:31 GMT
etag: W/"1bf6-iwdh29+WM7FuAZgTgtjYO4TwAkQ"
last-modified: Thu, 01 Dec 2022 23:18:39 GMT
perf: 7626143928
server: tsa_f
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=177
strict-transport-security: max-age=631138519
vary: Origin, Accept-Encoding
x-connection-hash: ebd07d7c2ec8ca7f13094edd77d252998bf24458075da60c0a90524a59b680bd
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-response-time: 138
x-transaction-id: a4003f172d4972b2
x-tw-cdn: VZ, VZ, VZ
x-xss-protection: 0
content-length: 1771
X-Firefox-Spdy: h2
cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592715238209880073&lang=en
93.184.220.70200 OK 1.3 kB URL HTTP/2 cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592715238209880073&lang=en
IP 93.184.220.70:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3191), with no line terminators
Hash ad927d418ebd06c63b1281b084697abe
97c309f8847a1537011f296280473cc47ce1c1e4
fe688c98b9e517a426e20111820d67c9c765e7fd715cf451fe6acd2dee43af1b
GET /tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592715238209880073&lang=en HTTP/1.1
Host: cdn.syndication.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://platform.twitter.com
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-contol-allow-origin: platform.twitter.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 09:39:31 GMT
etag: W/"c79-WKuM5Gp+mrnvLvA0V08WkGVrWQQ"
last-modified: Thu, 01 Dec 2022 23:18:39 GMT
perf: 7626143928
server: tsa_f
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=211
strict-transport-security: max-age=631138519
vary: Origin, Accept-Encoding
x-connection-hash: d7951659772739ab2455bfc81f2bd406a30a67acbc01dc74c4e0c2d9b4278ac3
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-response-time: 172
x-transaction-id: 630f5136d2713f14
x-tw-cdn: VZ, VZ
x-xss-protection: 0
content-length: 1258
X-Firefox-Spdy: h2
platform.twitter.com/embed/embed.ondemand.Card.d726ccd66212511aa7d9.js
93.184.220.66200 OK 908 B URL HTTP/1.1 platform.twitter.com/embed/embed.ondemand.Card.d726ccd66212511aa7d9.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1791), with no line terminators
Hash d727b8bbdcc468a1632b3da5e3181ba7
f0f4357fb06b3231cee27658092c370482ae8538
6faf6c07fbaaeab15b7a99efd73844a655a05ff1d6f7446367f5ba17f75b1d56
GET /embed/embed.ondemand.Card.d726ccd66212511aa7d9.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128015
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "85a7e7691345fef90a94be2cc5dee1da+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 908
platform.twitter.com/embed/embed.9814.a261bea3d494c6cc4944.js
93.184.220.66200 OK 6.3 kB URL HTTP/1.1 platform.twitter.com/embed/embed.9814.a261bea3d494c6cc4944.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (19023), with no line terminators
Hash 289ce02580cc8a4648aa32023a25d52e
e83f0a1113798e244271c0d9a33b29635bca912a
b2d72d7413a37a4ad5f279b3cba04a83c02c9cad89176e1422c96c2e082c5ca0
GET /embed/embed.9814.a261bea3d494c6cc4944.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128012
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "d9a1f416196d542ccf4c35f6c3524a50+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6281
platform.twitter.com/embed/embed.1237.a99a45a33daaad84b2b1.js
93.184.220.66200 OK 119 kB URL HTTP/1.1 platform.twitter.com/embed/embed.1237.a99a45a33daaad84b2b1.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 119 kB (119391 bytes)
Hash b4a7246b58e13412924843e537c25afa
f6fe8f242fe869e61f9739ae782d7f70c683c263
19daf2df951197ea048c76379bb3799918d6173c67d1bcaed1cc87fa982bd515
GET /embed/embed.1237.a99a45a33daaad84b2b1.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128015
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "234c10af19046651f3f036074c186c32+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 119391
syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969607%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592675994561048581%22%5D%2C%22item_details%22%3A%7B%221592675994561048581%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969607%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592675994561048581%22%5D%2C%22item_details%22%3A%7B%221592675994561048581%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969607%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592675994561048581%22%5D%2C%22item_details%22%3A%7B%221592675994561048581%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:30 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 02 Dec 2022 09:39:31 GMT
content-length: 43
x-transaction-id: 2128dcd6278c00a4
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 0531d28975259bc07295904bbd5134f31e5af76e61293832dcf7d285eb16aac3
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969760%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592715238209880073%22%5D%2C%22item_details%22%3A%7B%221592715238209880073%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
104.244.42.8200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969760%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592715238209880073%22%5D%2C%22item_details%22%3A%7B%221592715238209880073%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
IP 104.244.42.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969760%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592715238209880073%22%5D%2C%22item_details%22%3A%7B%221592715238209880073%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:30 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 02 Dec 2022 09:39:31 GMT
content-length: 43
x-transaction-id: f25bbd6cf89750b7
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: 0531d28975259bc07295904bbd5134f31e5af76e61293832dcf7d285eb16aac3
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1598395870646616064/2Lboydft_normal.jpg
151.101.244.159200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/profile_images/1598395870646616064/2Lboydft_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash c676f4a18c69b5bc2bee4fcf55e1eef0
d54dcac0fe2c209a85b804526165c97135b6834b
05f1285b4c3c6abc7feeb82faef9a9c3d479fa7d9516f2ebb39042ef63110ee3
GET /profile_images/1598395870646616064/2Lboydft_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 01 Dec 2022 19:15:26 GMT
x-transaction-id: 2ce0c724e71c0962
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:31 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7358-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1396929232182431755/DBOr86oF_normal.jpg
151.101.244.159200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/profile_images/1396929232182431755/DBOr86oF_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 725c42db5133a1e5c61a1a51b6c061a8
96016443a235a1fd0faff74abb52661e7363b5b9
3923cf6af9112c5752a5e9ea62203b60219c90171484e1db3028bf901c8b171c
GET /profile_images/1396929232182431755/DBOr86oF_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 24 May 2021 20:38:57 GMT
x-transaction-id: c3941f09b36806da
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:31 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7362-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2
platform.twitter.com/embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js
93.184.220.66200 OK 2.3 kB URL HTTP/1.1 platform.twitter.com/embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (5669), with no line terminators
Hash f5859f010c34ccac7d632caddcd87376
d463494e24afe93c249dae27de47c9ca119be8e0
42aeded29acbca2458e6ca9fdeaa783f2740505e808a85e623eda5e3d0a8504a
GET /embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "1e6da137b0a22a9eb6bd69995d23b770+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2344
pbs.twimg.com/profile_images/1308748188229275649/TYlR9zPP_mini.png
151.101.244.159200 OK 1.6 kB URL HTTP/2 pbs.twimg.com/profile_images/1308748188229275649/TYlR9zPP_mini.png
IP 151.101.244.159:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 7def1c6aaa5ff31d114582f8dc6b0507
717a4d3aef16cde0a0b6f88593a604faab8f4d22
939aa8c9c54541f0b617f46a81a70d38a3ba3e2c0e2635b07504516eb522e4b8
GET /profile_images/1308748188229275649/TYlR9zPP_mini.png HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 23 Sep 2020 12:38:58 GMT
x-transaction-id: 6a12a2f6a2886d58
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/png
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:32 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7363-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 1640
X-Firefox-Spdy: h2
pbs.twimg.com/card_img/1597809190948540422/_0rE1J1G?format=jpg&name=240x240
151.101.244.159200 OK 13 kB URL HTTP/2 pbs.twimg.com/card_img/1597809190948540422/_0rE1J1G?format=jpg&name=240x240
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3\012- data
Hash 51206758168e15bfbce394ebd2cf18ef
2aa7d33923b7fa08d0c14baf139bd4ba172cb3ee
055956873188dd927fd72e35bbbf56bc0c2373e489f071926710c9e702b7b7a1
GET /card_img/1597809190948540422/_0rE1J1G?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 30 Nov 2022 04:24:11 GMT
x-transaction-id: ea568094c98d992c
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:32 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7333-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 12912
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:25:42 GMT
age: 40431
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 03:52:10 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
secure.gravatar.com/js/gprofiles.js?ver=202248
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/js/gprofiles.js?ver=202248
IP 192.0.73.2:0
GET /js/gprofiles.js?ver=202248 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Fri, 09 Dec 2022 09:39:26 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Open+Sans&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abhaya+Libre%7COswald%7CRoboto%3A400%2C500%2C600%2C700%2C700italic%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Abhaya+Libre%7COswald%7CRoboto%3A400%2C500%2C600%2C700%2C700italic%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0
IP 142.250.74.106:0
GET /css?family=Abhaya+Libre%7COswald%7CRoboto%3A400%2C500%2C600%2C700%2C700italic%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/modules/wpgroho.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/modules/wpgroho.js
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/modules/wpgroho.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Jul 2020 17:06:48 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Mate+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVollkorn+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSyncopate%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbhaya+Libre%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Mate+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVollkorn+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSyncopate%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbhaya+Libre%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Mate+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVollkorn+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSyncopate%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbhaya+Libre%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext
IP 142.250.74.106:0
GET /css?family=Oswald:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:27 GMT
date: Fri, 02 Dec 2022 09:39:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cloudflareinsights.com/cdn-cgi/rum
104.16.57.101200 OK 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.16.57.101:0
OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ercaws.com/
Origin: https://ercaws.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:30 GMT
content-type: text/plain
access-control-allow-origin: https://ercaws.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 773318814910b4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext
IP 142.250.74.106:0
GET /css?family=Roboto:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:27 GMT
date: Fri, 02 Dec 2022 09:39:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/services.min.css?ver=202248
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/dist/css/services.min.css?ver=202248
IP 192.0.73.2:0
GET /dist/css/services.min.css?ver=202248 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Fri, 09 Dec 2022 09:39:28 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.5.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/hovercard.min.css?ver=202248
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/dist/css/hovercard.min.css?ver=202248
IP 192.0.73.2:0
GET /dist/css/hovercard.min.css?ver=202248 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Fri, 09 Dec 2022 09:39:28 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2