Overview

URL: www.ercaws.com/
IP: 188.114.97.1 (Colombia)
ASN: #13335 CLOUDFLARENET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-02 09:39:37 UTC
Status: Loading report..
IDS alerts: 0
Blocklist alert: 41
urlquery alerts: No alerts detected
Tags: None

Domain Summary (28)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 17:12:49 UTC 34.117.237.239
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-12-01 18:48:44 UTC 142.250.74.168
secure.gravatar.com (4) 1671 2012-05-22 05:36:38 UTC 2022-12-01 17:14:07 UTC 192.0.73.2
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-12-01 21:18:15 UTC 142.250.74.46
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
c0.wp.com (17) 6988 2018-09-24 15:59:05 UTC 2022-12-01 18:06:01 UTC 192.0.77.37
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
i0.wp.com (7) 3021 2013-09-17 06:14:42 UTC 2022-12-01 17:17:02 UTC 192.0.77.2
r3.o.lencr.org (4) 344 No data No data 95.101.11.115
suntzuping.s3.ap-east-1.amazonaws.com (5) 0 No data No data 52.95.162.45 Unknown ranking
pixel.wp.com (1) 2545 2017-01-30 05:31:40 UTC 2022-12-01 17:22:35 UTC 192.0.76.3
cdn.syndication.twimg.com (2) 1363 2012-09-26 16:27:25 UTC 2020-04-29 06:52:01 UTC 93.184.220.70
ocsp.sca1b.amazontrust.com (5) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
fonts.googleapis.com (6) 8877 2013-06-10 20:14:26 UTC 2022-12-01 17:28:41 UTC 142.250.74.106
fonts.gstatic.com (10) 0 2014-09-09 00:40:21 UTC 2022-12-01 22:08:56 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
cloudflareinsights.com (2) 84344 2020-10-23 05:27:50 UTC 2022-12-01 17:15:37 UTC 104.16.57.101
platform.twitter.com (17) 597 2012-05-21 03:34:05 UTC 2020-05-03 05:23:23 UTC 93.184.220.66
hopelessness.awslegal.us (1) 0 No data No data 35.163.237.190 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 17:14:08 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.starfieldtech.com (1) 6616 2012-06-22 18:08:50 UTC 2020-04-16 20:58:06 UTC 192.124.249.23
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.240.159.184
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-01 18:13:33 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
pbs.twimg.com (4) 624 2012-09-06 00:07:06 UTC 2020-01-28 02:26:30 UTC 151.101.244.159
www.ercaws.com (1) 0 2022-11-16 04:39:36 UTC 2022-11-16 17:17:35 UTC 188.114.97.1 Unknown ranking
ercaws.com (65) 0 2022-10-21 19:47:26 UTC 2022-11-30 21:33:43 UTC 34.125.198.6 Unknown ranking
ocsp.pki.goog (8) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
syndication.twitter.com (3) 833 2013-09-20 01:46:47 UTC 2022-12-01 17:16:47 UTC 104.244.42.8

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-02 2 www.ercaws.com/ Phishing
2022-12-02 2 ercaws.com/ Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1 Phishing
2022-12-02 2 ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/reactpress/public/css/reactpress-public.css?v (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weath (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-aw (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=166 (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-ico (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1 Phishing
2022-12-02 2 ercaws.com/wp-content/uploads/elementor/css/post-8.css?ver=1669820273 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shim (...) Phishing
2022-12-02 2 ercaws.com/wp-content/uploads/elementor/css/global.css?ver=1669820273 Phishing
2022-12-02 2 ercaws.com/wp-content/uploads/elementor/css/post-87044.css?ver=1669931780 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a7 (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f3 (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public. (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/ (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ve (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd25 (...) Phishing
2022-12-02 2 ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0 Phishing
2022-12-02 2 ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2 Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ve (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?v (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.mi (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gtranslate/gtglobe.svg Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-reg (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weath (...) Phishing
2022-12-02 2 ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa (...) Phishing
2022-12-02 2 hopelessness.awslegal.us/d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_ (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 188.114.97.1
Date UQ / IDS / BL URL IP
2023-02-01 02:20:19 +0000 0 - 8 - 1 dluxewin99.com/918kiss/ 188.114.97.1
2023-02-01 02:14:30 +0000 0 - 0 - 2 paste-bin.xyz/raw/26996 188.114.97.1
2023-02-01 02:11:10 +0000 0 - 0 - 2 www.fanatictechs.com/mtb/ 188.114.97.1
2023-02-01 02:06:47 +0000 0 - 0 - 3 caioaraujo.vip/B1N8/xtsBPDdickpenis.bin 188.114.97.1
2023-02-01 02:06:36 +0000 0 - 0 - 3 caioaraujo.vip/BRQ/CmmCaDtyjdickpenis.bin 188.114.97.1


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-01 02:21:09 +0000 0 - 0 - 10 steamcommunlty.co/giftcard/7656113413245 104.21.76.208
2023-02-01 02:20:39 +0000 0 - 5 - 0 www.mediafire.com/file/ny08hlb42fo6xen/Su4n@u (...) 104.16.54.48
2023-02-01 02:20:19 +0000 0 - 8 - 1 dluxewin99.com/918kiss/ 188.114.97.1
2023-02-01 02:20:06 +0000 0 - 3 - 1 video.o6hff.com/B5zzKVk8 172.67.165.17
2023-02-01 02:18:43 +0000 0 - 0 - 1 pastebin.com/raw/89HKc7WB 104.20.68.143


Last 1 reports on domain: ercaws.com
Date UQ / IDS / BL URL IP
2022-12-02 09:39:37 +0000 0 - 0 - 41 www.ercaws.com/ 188.114.97.1


No other reports with similar screenshot

JavaScript

Executed Scripts (89)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (183)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7545
Expires: Fri, 02 Dec 2022 11:45:09 GMT
Date: Fri, 02 Dec 2022 09:39:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 448
Cache-Control: max-age=89956
Date: Fri, 02 Dec 2022 09:39:24 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:38:40 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12622
Expires: Fri, 02 Dec 2022 13:09:46 GMT
Date: Fri, 02 Dec 2022 09:39:24 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 09:18:11 GMT
cache-control: public,max-age=3600
age: 1273
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Wi2uzNK3QXMIxisfE7resMjMtkuqPifLSKiXxwwi0ZZ/4GcvUQ3uMEh1rP5GMV/Wfhc7JOxAXnc=
x-amz-request-id: KJDP7NMTCV4DDPW1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 08:46:03 GMT
age: 3201
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: www.ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         188.114.97.1
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 02 Dec 2022 09:39:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://ercaws.com/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAVTI2%2FJ0Eiw3OL4Cf%2F9NqfT8zDGRpFd1%2F8Pu4grxIxfEqS7QjqrvoOsqjFAeNhFNcWIlgYitLsfOSN8amrKHXIHB5Gj%2FgT09S%2Bf9sUO5VM9utVWgkdYiwrJgMZT6nvCuw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7733185f4c9cb511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   283
Md5:    ecd5915136c9266dee7fb25c781d435d
Sha1:   9c5a5655715bed2c905a6a6b5ebcabe20e0366d2
Sha256: 5a0d8a4c5d2d938e95edfe3d74ecb8b00f6d149bfff47ef86a28c9c394290a9f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:25 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 09:08:57 GMT
cache-control: public,max-age=3600
age: 1828
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.starfieldtech.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         192.124.249.23
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 09:39:25 GMT
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 04:50:25 GMT
Expires: Sat, 03 Dec 2022 04:50:25 GMT
ETag: "fd8a1861f95b2e238a793e87ccac6bdb0578175b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1846
Md5:    8f434d98f60ef4c27b2048650ba56d7e
Sha1:   fd8a1861f95b2e238a793e87ccac6bdb0578175b
Sha256: b4efb69ef3cc97daa66afc6153b38164b91b4412d4afeaf4fb9ba3c6a3ff00ec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 446
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 09:39:25 GMT
Last-Modified: Fri, 02 Dec 2022 09:31:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +FxtrKNGyhXNAYM2lItHzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         44.240.159.184
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bHbdmm/rwsgbbJ5MnlYPc8gCwaw=

                                        
                                            GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
                                        
                                            GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   16055
Md5:    3464ae1e83aaddfb763bcd5f5fa9e7f6
Sha1:   2bd95060d73d7f454f92544dc260deeb01756b20
Sha256: cf61093034d5671e71ba19d5b4b385867cc03dff75eba541c0c721069c914945
                                        
                                            GET / HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 02 Dec 2022 09:39:25 GMT
Server: Apache/2.4.41 (Ubuntu)
cf-edge-cache: cache,platform=wordpress
Link: <https://ercaws.com/wp-json/>; rel="https://api.w.org/", <https://ercaws.com/wp-json/wp/v2/pages/87044>; rel="alternate"; type="application/json", <https://wp.me/Pek619-mDW>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43181
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3291), with CRLF, LF line terminators
Size:   43181
Md5:    587b8a97dae80782b6d1226b18d3cd8e
Sha1:   3856bfc867343e1b8294c7c93095a2b4732913a4
Sha256: f69798b69639e11ef3a98c033062e2bd7f37301207840fbc17ca67bc550fb696

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:41:02 GMT
ETag: "aab-5ed8d67444041-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   972
Md5:    8bf268dfcca7cb20719b7ea14373ef4a
Sha1:   58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
Sha256: eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:31:46 GMT
ETag: "2b5-5eeaa4239bfb2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 299
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   299
Md5:    1e34ceaa9a4c96c3499483f5fe818671
Sha1:   55a92f1196d0155e2bf0632f0905b5b8000f5ad7
Sha256: 9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "a4b-5ee557ab94950-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 710
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2635), with no line terminators
Size:   710
Md5:    d44324c7a85da1e440d06e665adaae2b
Sha1:   7aaaea3a822314ab334ab1332a0f3ff88e94eb56
Sha256: 74d64271ce9fa5f07a12f19bbdeddc89c50e32008cee343eccd38c8f97080083

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/block-options/build/style.build.css?ver=new HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 01 Dec 2022 09:57:17 GMT
ETag: "4d3c-5eec13f060951-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2970
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19768), with no line terminators
Size:   2970
Md5:    9f1a3e58ceb253e08b5736d3d27ad913
Sha1:   6f0596c131819ef777232a8f56cf3f9bfaba953a
Sha256: 8fc5ea4d9441426dacc983c9437940e01aa718eda736ba21b511ebcffb6da9e0
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
ETag: "48b9-5dc6eb878efc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5009
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   5009
Md5:    e6624e0b978e6ddba476be41aaaa82df
Sha1:   822e920d8233072110ed7c8a7f379e5b13209b18
Sha256: dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14006
Expires: Fri, 02 Dec 2022 13:32:52 GMT
Date: Fri, 02 Dec 2022 09:39:26 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 41388
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7334
Md5:    498ab4412ed5cf977bc23e4e870894b0
Sha1:   23753fe8af09ec8ffa10eed4d201a71833885c99
Sha256: 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 13118
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6174
Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19
Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79
Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 43472
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6882
Md5:    25c68d8b1fae82820f93efca500fd848
Sha1:   45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
Sha256: f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 42558
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5967
Md5:    4e1372b65928f2addd9d8e44ce63ea0c
Sha1:   795fd611123ebde700aaff1f0dac862f9cad00dc
Sha256: de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 42336
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10270
Md5:    4c7113338bc3310b13d23ca415c177e2
Sha1:   2cb4edc6b161c6d2d5b47aa498ae54e677966466
Sha256: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 42570
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2942
Md5:    b47431190f34eccf0a6efb98e2a32b7d
Sha1:   9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
                                        
                                            GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4467
Md5:    056120578eb474a0fc907e436832cfb6
Sha1:   73f7aa3a97ede0b5207111fbda69139c22fa663e
Sha256: 7eec6ac8559a7df0cfb2ceafdb92239a3f47ca7707f0270f625bbedfd38012fa
                                        
                                            GET /c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2827
Md5:    1d72b07ceb0cdaa26ff61accfd785ea5
Sha1:   004b70953971c6ec543a79503c177b7243bc9ed6
Sha256: 3d5aa61201aca1007b1a8bf88c01bf41ca153ee037976760a350d973daa0e27e
                                        
                                            GET /wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:28 GMT
ETag: "62-5eeaa39fdd734-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 106
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   106
Md5:    8af7d01cc8f7698605260aa25a37f45e
Sha1:   854439cb106afae13bace1acbdfd03e0ec2daee4
Sha256: 8b46abceed3ee90f0e9053977b5dcb569c09784270d0e5fff5aebf80256501e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /gtag/js?id=UA-230057426-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 09:39:26 GMT
expires: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   44646
Md5:    29c52c89f2965d607de1a4f958740c73
Sha1:   b8b544df07eeef6b3cae3858257ad196c6fa795c
Sha256: 50b1a2c4cbcbbf2474b63b6c85c6ecb2b4edd292c8439db34cf430909063e2a5
                                        
                                            GET /wp-content/plugins/weather-atlas/public/css/weather-atlas-public.min.css?ver=1.2.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:16 GMT
ETag: "1166-5ed8cd1e6ad74-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1109
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4454), with no line terminators
Size:   1109
Md5:    8eb34f822aebea7e1dceaed955ab673f
Sha1:   ded5e0d110d404318205bb5026905a8f01c09297
Sha256: f2b9b997ce3e52e8bca0e8a339657e5f11ec485df40b404a11e805a167959bb1
                                        
                                            GET /wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "17874-5ee557ab958f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12491
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   12491
Md5:    290c883ccc4c912f39b8efdb8ee95a71
Sha1:   357328327eea83aeb22d72f9d3f6162db1175dc5
Sha256: 0a90f1cc5ddc0fa460b1d2208e1efb4c234e9b5ed4fe066135e676813368cb4a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:15 GMT
ETag: "d70-5ed8cd1d49c75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 718
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (3440), with no line terminators
Size:   718
Md5:    29d8fbf071ddcb7d406d880241d4f2aa
Sha1:   d5e60a89de7bfb703283394c25b6fc69aabb060e
Sha256: d5506554c323d3f8e71923b46d6dd9ccd3997aba632bdbb12c16337412e22de8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:51 GMT
ETag: "7917-5ed8cfeed08a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7052
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7052
Md5:    2a2c987c48fb65bb0e78fa2a37120537
Sha1:   ede7a4d5da37f053251e8b8a33be2a23a660473f
Sha256: 3d3136cdfced0eee9b7766b7a17a591f6fb3ba480e71b8930acbea4db4ab71d1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/erlinews/style.css?ver=1.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:39 GMT
ETag: "1972f-5ed8ccfb5a497-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19869
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (492)
Size:   19869
Md5:    671fc606a77906bcfda7959c4c778aa8
Sha1:   592f8227caddd2a5b42a7e5a33b012d42807bd18
Sha256: 0763a6ab3cb74e9c0e014d5a401acd9609593a3f7e197fa15a54460847c9ff8a
                                        
                                            GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11256), with no line terminators
Size:   12360
Md5:    d1ce8e348f832cf70345b51f52f59e4d
Sha1:   7f979dd76f1d331a0798b74fd4ae5d9761b8e774
Sha256: 47f238bae086ebc8bb7cce4e5a3c19d0b329ee35b97b16fbedd952be7f98d695
                                        
                                            GET /wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 11:19:50 GMT
ETag: "21ac1-5ed94a6a69024-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12853
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (483), with CR line terminators
Size:   12853
Md5:    5fd8acfedd59617cfc9bc036bfb994f4
Sha1:   e852a6bb14ee329645da42829656a5838b312a62
Sha256: cac8a4c0b726396628ac6256ceecbec91bb0e493543d499616a09ffa86df45b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:55 GMT
ETag: "4b4f-5ed8cff27a0a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3961
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (19233)
Size:   3961
Md5:    24dc15839234f4dbd06f677098762e1c
Sha1:   a285318fa3f4d9a1491f523f080cd32e1df12315
Sha256: 016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/erlinews/css/bootstrap.min.css?ver=5.1.3 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:21 GMT
ETag: "27ff4-5ed8cce9e9729-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23902
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65306)
Size:   23902
Md5:    5a29a10c5051e1e126c68212b4695443
Sha1:   967bcc87411edaf47ea7c4c4f408e814a5a5cbfc
Sha256: f8112f31e245aec8a92e55eaa4710fb78b2f1b464788cfff6e7a59137a224706
                                        
                                            GET /c/6.1.1/wp-includes/js/jquery/ui/menu.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937)
Size:   3353
Md5:    793df3caa5ba957143ef9ec20812a8a6
Sha1:   b394e303ed4165671a012cbc931305c431805165
Sha256: 85f79c7bc2d250c87bbb53d85bb6d31a868dec8636c32c87468285fed9b06504
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         192.0.77.37
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4186), with no line terminators
Size:   1838
Md5:    f1adcd618f513a1ddba72dd71128e9f1
Sha1:   a8979349ebc6873106b93fcaeef1051c1b267522
Sha256: 135de0f4124d6c2e337ab556ca645f4c7e529e13756500935c9391d9b06053e4
                                        
                                            GET /wp-content/themes/erlinews/erlinews-addstyle.css?ver=5.1.3 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:03 GMT
ETag: "17295-5ed8ccd959379-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15386
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (448), with CRLF line terminators
Size:   15386
Md5:    2417d11881e675acea30f0f73f5da61a
Sha1:   be974063365f43f03190b67149ea1f935c0b345a
Sha256: 21ef17460e56c16b8527b63d227ae3102d4ee166c17322e7339ae4f604512b87
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:25 GMT
ETag: "27687-5ed8d00f461a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19732
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   19732
Md5:    64e425a459cf734b7d0db289b7649a90
Sha1:   9a90ea6fe0e05cd286be4809597ecc0ed7930b4c
Sha256: 7d5ebd725d9d7271988ec20af13f060794bd4b65d1dce5c2c7e411647ff93a19

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-8.css?ver=1669820273 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 14:57:53 GMT
ETag: "47c-5eeb15442e181-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 381
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1148), with no line terminators
Size:   381
Md5:    53f424e21573cc5e27f3a7a5a261c842
Sha1:   aa040ed871ad52234406120dce2d97676d66eea3
Sha256: ddf740a83f4160b53ac824ad1c3662a18047274648e1eb558adddc3a183bee48

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:50 GMT
ETag: "e7d0-5ed8cfee121c5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12869
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   12869
Md5:    d7913fc87c4606f82b4ee77a8d47fc2f
Sha1:   62a54acf7535ae53425b44dadfe5fdabf3d8300a
Sha256: bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158941
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 05:48:28 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kxBsN3c2e01YuFXL8Co5uv41ZKGY8-ns7jQVTEojkVpart4Dz-j53g==
Age: 1385

                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:53 GMT
ETag: "684e-5ed8cff031143-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4229
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (26516)
Size:   4229
Md5:    d74abcef3df71d56667a44693f75c454
Sha1:   be993a7b5c88a550ef0dc19c4841f240e41967f8
Sha256: 8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161370
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 06:28:57 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sR_wc8oJDsmfjSU7DIAte5zJUJFd_ftYChD75EP_SHdbr9jRr2mePg==
Age: 3814

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Last-Modified: Fri, 02 Dec 2022 08:47:29 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZCgH79Tw44nX7C5fUOnQp3-h0NEyUU_lDx7R4SXf4Xf--ljbnlODiQ==
Age: 3119

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159446
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 05:56:53 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nrwoNz3SIsTnZtkiw81-GDe0dTiMLReT7l6W55tEg4-jJ5pPM9Yi6w==
Age: 1890

                                        
                                            GET /wp-content/uploads/elementor/css/global.css?ver=1669820273 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 14:57:53 GMT
ETag: "dbb0-5eeb15443fac0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2152
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (48213)
Size:   2152
Md5:    5086a1221546c10850c64ad7c411da29
Sha1:   de9769716b8562db168ac9b1087128c799db58d9
Sha256: 76905284ee34b079c54e14c2600ba136b8865e972c8ceb437528a9f207fd0423

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163748
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 07:08:35 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qu5_6M5abhz5WmKP9JEn_XnmiM7rSYmqNT_OidqFqpZ-f29MU1pSlg==
Age: 6192

                                        
                                            GET /wp-content/uploads/elementor/css/post-87044.css?ver=1669931780 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 01 Dec 2022 21:56:20 GMT
ETag: "b481-5eecb4a977ffa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2631
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (46209), with no line terminators
Size:   2631
Md5:    14e8f99b6af5ee6022135af9a4b840f6
Sha1:   559fcfce1b2db16bbe4d7fbe96425955c3b141a4
Sha256: 6435a423ab676231089ea6160ed8a1ee755398b9bf4cf5264f85dce717a28c95

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "e7d0-5edc49a9350d4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12868
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (59158)
Size:   12868
Md5:    77adb61e8b73b03c938831ca2e7cd41d
Sha1:   3b0c1f53c1161696277d33d1cb6c311f25d2f961
Sha256: b170b9f3758097a377a7068667a531e07a82612331808b5bb2b7ed863bf63e0e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "250fe-5edc49a936074-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21855
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   21855
Md5:    2003102d022a9781fe4d42b5b909f6c8
Sha1:   eadcc08b50cb30b11fd3a906c336cb45d8ef6326
Sha256: 3ef1212104988bb1dbea1a600ad3a0601cc0a0c62f0fccc18f8ea7e24f0dd74d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "385-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 379
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   379
Md5:    fb832128b166910b553cb0a6de7ba005
Sha1:   db47444d89022a51bfef4c37600bc03be64f72f0
Sha256: d67c25cb738a52af9203f362668727bd45715b4f8754301ec41dc0d78bfd929a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "23734-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23844
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size:   23844
Md5:    fb2012929c2b18e52936d82370366270
Sha1:   43ecd550b3e37b16ca22decbb4362fa80c9306c0
Sha256: aa2d5667c091216a7ead21da19590c41362208ce67708925d84c4ef0771ef6e6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/erlinews-widget/style.css HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:43:13 GMT
ETag: "b12-5ed8d6f1d677c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 838
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   838
Md5:    d84bc9f8d2def0f1e84dfc0c405255f2
Sha1:   a22d4fb3914c480e4be8f0d125d5f45a4274d4ba
Sha256: 9f2a1cdcd7eda6796a1d9e3eb18653cac63cbfea3c7c01ffa1430e105f5164d4
                                        
                                            GET /wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:28 GMT
ETag: "346-5eeaa39fdd734-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 479
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   479
Md5:    5850a4d6be478b5a5c29526a957840c4
Sha1:   1854bff2c967f028cf8c1f53b3c7878fb605e329
Sha256: 654a9a69300dd841ea2bc14d36c346377cee298b126463cc844fb26929260843
                                        
                                            GET /wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1fe9-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2484
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (8169), with no line terminators
Size:   2484
Md5:    daa47d2e3e95fd559a8e8b55bb5e0fc4
Sha1:   80890ad053eba31d5cd6e1dc01a6af48c3581457
Sha256: c7784aeb52daf95ef1fd3dce9fd5890a0b873ccf2d959be8f37b3176d9a589e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "11c1-5ee557aba33b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1636
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4507)
Size:   1636
Md5:    f80c5566694d035722629f262d5477e3
Sha1:   fee1e291de68f347e3c32e61edcb1d4a79cbd7fe
Sha256: a188fa91f1cd0723fb45379b0ca3ec73d46c1376f1bf6a69564952759c1edaa3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "2587-5ee557aba33b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3771
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   3771
Md5:    afaf7055b7ce023d7af69e2cc7911093
Sha1:   fcae37dbd631bf34240dd89bf32ef7bd5967b783
Sha256: 5d539710eae2bb8dd85955712403c21b83cd8ba55f5b1cda55c22da1b9245dd5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:14 GMT
ETag: "363-5ed8cd1cbc2d6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 480
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (867), with no line terminators
Size:   480
Md5:    747a25813705e6cb7089f28d82c6b60f
Sha1:   d4311f83aabe9d3b98df34b91c6c6f2066c141c8
Sha256: 459873601e832bef8af96502625bd8fec2b5958c73326da2b8e364b0501b4bff

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:14 GMT
ETag: "690-5ed8cd1c70fb6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 865
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1680), with no line terminators
Size:   865
Md5:    e484a499a1b9fa097844b111eb195e35
Sha1:   3572d4af98ab553b4ab54f6e4d4ae57bfd0e4f3c
Sha256: 893c9f1725458ea13ca26ca28a641ae0b1e1a8ad6c0955b5d9421a70ceb083d1
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:49 GMT
ETag: "3acf-5ed8cfec83ac7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4205
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (14869)
Size:   4205
Md5:    1fcdd9935a66511c3b8069495af248e3
Sha1:   b0e375ac95b547b3bb6ce74cd1bcc505ffc2281d
Sha256: 4a741209fc122872cb5ae018a5870d70848a616fa98eb4289ad78cec986ec282

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:23 GMT
ETag: "10d4-5eeaa39aca9f9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1221
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4308), with no line terminators
Size:   1221
Md5:    d83aedf99d3bdc9fde5de1753c320ba1
Sha1:   e5d7c90b4b921e368ffc6d2cbfae2264b5b4f9fa
Sha256: bfed8658f870445ed0f6f46340b6047657f8e5fd249f6b1f07c4dac36bf84e7d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:59 GMT
ETag: "4824-5ed8cff5e603d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2592
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2592
Md5:    0ea81c35141c6a4692506e4fe8d36edb
Sha1:   392c5f96995e66d74c27ed5a42f93169c2f32d18
Sha256: b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
                                        
                                            GET /css?family=Syncopate:400%7CJacques%20Francois%20Shadow:400%7COswald:400%7CQuintessential:400&subset=latin&display=swap&ver=1669839874 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033), with CRLF, LF line terminators
Size:   10403
Md5:    3f6502a9dbe9fa6062bb3510566b4ca3
Sha1:   4211675913ba0489d20e531569148f4b667db133
Sha256: fb64e9d9d4800f9a5413aa67da6eb8f15e9c405dcf18b427e1dea87c55529013
                                        
                                            GET /wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:42:37 GMT
ETag: "e8c-5ed8d6cec5e9f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1350
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1350
Md5:    9dc331aa18fccf2b0e2e52e1e7d60691
Sha1:   a2770ba627228ab36d47a39d4a037a39efae37a7
Sha256: 699319721e332c7f0461d5e2dafab3fb485b09e4037dd2b96f12aa3d5a2d0c91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:40:59 GMT
ETag: "26d1-5ed8d67167984-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2937
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937), with no line terminators
Size:   2937
Md5:    8189a6a3f3f0efc64f857fe869d3729b
Sha1:   bc84b1c1e96a26fd6595da0cb024aad989c1f331
Sha256: e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ANDYTIME/js/cloudsflaring.js HTTP/1.1 
Host: suntzuping.s3.ap-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         52.95.162.45
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: Yv9q7PjbiUYuHJUbgCLRHJaNDHMKVETZJN4wZro78rO3/55KYi0smPKx3q/ki7P7UKdWWiRn3Vg=
x-amz-request-id: BQMQJWE1RR355C70
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Wed, 16 Nov 2022 03:01:29 GMT
ETag: "33100f2355611b2375f05486299abf05"
x-amz-version-id: Z3e2qvxseEm36Aa13HK4URg1nBAD1kMH
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 17031


--- Additional Info ---
Magic:  ASCII text, with very long lines (17031), with no line terminators
Size:   17031
Md5:    33100f2355611b2375f05486299abf05
Sha1:   0b2d1b75f6695e67b884bee2eb72165d6e881a26
Sha256: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:40:59 GMT
ETag: "3016-5ed8d671a6184-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3957
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators
Size:   3957
Md5:    832eeb1fd498e5839b89bfb5f05a2f0d
Sha1:   cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
Sha256: 35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "975-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 982
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2382)
Size:   982
Md5:    2502bc85936b1194cdc9915dd84de9fa
Sha1:   3e487681ce8fc9c84af9bbf18d5681bff14983f0
Sha256: 28830445211d1f8e39ef227c331293b254ecc774de7793be33633b66987d0cd0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1cc-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 324
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (422)
Size:   324
Md5:    70563ca72bf48c061219d092600fedd1
Sha1:   95965836b0c0bd6c42c80fe15b5c8842ad36b310
Sha256: c80f2dc654c1d01914413b7131469e02bb7cb67524caa83264ed2420452d14c3
                                        
                                            GET /wp-content/themes/erlinews/js/general.min.js?ver=1.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:05 GMT
ETag: "15be-5ed8ccdb46617-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2083
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (648), with CRLF line terminators
Size:   2083
Md5:    b0ec8a7a8610114cbe8b443cb537cdb3
Sha1:   ed8726784ab858d2295b60aca5ed7545c2992b70
Sha256: 0bf866af83fedb7cce8b4a6253c215147b3d34addd6d50abff3567433f2a43b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/syncopate/v19/pe0sMIuPIYBCpEV5eFdCBfe_.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:44:24 GMT
expires: Wed, 29 Nov 2023 23:44:24 GMT
cache-control: public, max-age=31536000
age: 208504
last-modified: Tue, 19 Apr 2022 19:27:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 32344, version 1.0\012- data
Size:   32344
Md5:    db4110c4dae8b7ae8def81317425cd3d
Sha1:   7daee4845ac4cd064c8887d5d8da7b27120c6530
Sha256: b57f964dfec15bc7e94db5c8930e02d2f4031c284a8e852b23b81a29450dbd14
                                        
                                            GET /s/syncopate/v19/pe0pMIuPIYBCpEV5eFdKvtKqBP5v.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:24:24 GMT
expires: Thu, 30 Nov 2023 18:24:24 GMT
cache-control: public, max-age=31536000
age: 141304
last-modified: Tue, 19 Apr 2022 19:28:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17432, version 1.0\012- data
Size:   17432
Md5:    12d6883a7520aa52e3f811fec96043e1
Sha1:   a230d34332158e1414a360efaae0ecd01c4fa5ef
Sha256: 8a462650535a7d255dd037dc3ca7eefde4b2b988bb110736290dbd7b74a83fea
                                        
                                            GET /wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:52 GMT
ETag: "4705-5ed8cd07fe9cb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4689
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1034)
Size:   4689
Md5:    f27a137472f5d9b36facd92fcd4d259a
Sha1:   e335330bb4f7ac1f6459dfde939d65960591fcb2
Sha256: ba23273080de56b99d3500cb1ff97249c2fefd3039007b0724390f40b1ea9faa

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:14:39 GMT
expires: Tue, 28 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 303889
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Size:   25372
Md5:    fe424f96cb627d8b835cb001af17f56e
Sha1:   c5b4368fed99812a99036fba86d01367b5549505
Sha256: 35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:21 GMT
ETag: "117c1-5ed8cce9c4569-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17088
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (43622), with CRLF line terminators
Size:   17088
Md5:    50ed5d1a904547e62b70fc22f31a884d
Sha1:   bbdba6789e15f56a35f1551766c5d338d1900a4a
Sha256: 49a5cce9921fd29231dd2c480dda65d3d3c6e2ac896e23d39f1978363d130580
                                        
                                            GET /wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:43:09 GMT
ETag: "39af-5ed8d6ed8dca1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2804
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (367), with CRLF line terminators
Size:   2804
Md5:    021d5a776aa2cfbec2286966bd941107
Sha1:   a9b3140071b94301baf6e13e0a964df05ff76e7a
Sha256: 044422911345e9187324a2160db435ac4577165ff47904bdc825dfd59ce316a1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1ecf-5ee557ab91a70-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3613
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7366)
Size:   3613
Md5:    3402aecb395ae3434d2b5cf6f9e262ce
Sha1:   62ca18fd4b0261d4875fb6df5003c5acb26dedbb
Sha256: 65823b3a99fab08618f0dda8406f83488924c97509513d2ab6b96895685843d3
                                        
                                            GET /wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1471-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2262
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (5195)
Size:   2262
Md5:    ccbad6f98e42f23a700b6b0c5071b83b
Sha1:   0ec6495d6ee95e663b4f86ebd76bb6df43a47dae
Sha256: fefcf2ab0837842c548f7edad97be4665c9ad4e1944bb1192cccd8f3374a88d8
                                        
                                            GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 15:27:16 GMT
ETag: "29ed-5e9be654a9d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3086
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3086
Md5:    d267bd35ccf6033cb8e9837358eb9856
Sha1:   a3497f6e883b3ad6d7c24241d8cf27a12b207b18
Sha256: 7b085d8f0972e8a90636d785ea53496c27bd7b73335aafd6003d847a835d8e7e
                                        
                                            GET /wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:23 GMT
ETag: "330c-5eeaa39aca9f9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3912
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (12967)
Size:   3912
Md5:    bfc2a3cf51e05a3b7a85474e22002a91
Sha1:   131d9b0d15174f362c7c3c32db2b0749ad2aa158
Sha256: 9331da57c96a8c1fb3b6205c7638b0df436626c56745b3bc4e126fa4f354c5c7
                                        
                                            GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:13 GMT
ETag: "135d-5ed8d0033730e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2194
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   2194
Md5:    5623a2e2bcaeb031c1a782030f1b14f9
Sha1:   c46b7389cb2839e47558c2d417d89169048b8031
Sha256: cbe16e1c67c55ba8e9fc2363728b933f3ef2f1af411a1febbbe565e6363bfd5d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ANDYTIME/css/erlinews-addstyle.css HTTP/1.1 
Host: suntzuping.s3.ap-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         52.95.162.45
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: FqEil8s+JlohsewC8zHlrGBZ+l4qBU8jdTfkt0qZgHpAvJWMgmDKc2gt24E++mQXhW16kP6WKbs=
x-amz-request-id: BQMXEF419PNF00A0
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 11:10:06 GMT
ETag: "695b3ff6d8a176c7a7fc2dae482fca24"
x-amz-version-id: BO1ROUnS2uwYPwfMmpMVCnpwfmJjBJPE
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 94869


--- Additional Info ---
Magic:  ASCII text, with very long lines (448), with CRLF line terminators
Size:   94869
Md5:    695b3ff6d8a176c7a7fc2dae482fca24
Sha1:   3ae60f7030ca2b342e66e42254927e3f1360e0bc
Sha256: 02e989b22641b4520038ac067676a5bc61068ff15be4ee0ac119fce795f4e052
                                        
                                            GET /wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "37ef5-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (28322)
Size:   59430
Md5:    2630cb01119489c4685bbaadebc9751c
Sha1:   858253ca3b58918343a2e5f620e42b39369714b1
Sha256: dc1f72ba709619c38dcbf5e958aee2858a6af633bfd992a57234bb81e6df84e7
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:07 GMT
ETag: "80b3-5ed8cffdedad4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10752
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32907)
Size:   10752
Md5:    f2cf4b8cf6fd44b62dc73e5e480fc684
Sha1:   53cecab8767410c3f2acdeef147e62a5733db1d2
Sha256: 5c31c8633b4099e2e0f8aec7f4c1f6fa84539a2043545296200bc8d47778a4db

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "4e480-5edc49a937fb4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   83997
Md5:    4665e06591e1f754f24b7868f59e6c6e
Sha1:   71ab45805011f71ce65a76561043bee04e7410c5
Sha256: e50dde96757bb308d972e194fe9afd884493fdd311d864bad26970b30ab5e032
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:39 GMT
ETag: "2fa6-5ed8cfe319851-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2993
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with no line terminators
Size:   2993
Md5:    cfea3c51880820f2962a7773fbc864f9
Sha1:   45aa7ddc9b0c4201097d0df36791ab346470b734
Sha256: 12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:40 GMT
ETag: "a3c-5ed8cfe40caf0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1139
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2620), with no line terminators
Size:   1139
Md5:    366a9c35bbef9fea7021f6b1b56cf8d0
Sha1:   18feab78c61c6e8261db364d6681a9633041e837
Sha256: b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:58 GMT
ETag: "29ba-5ed8cff4d1a5e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3446
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (10544)
Size:   3446
Md5:    88f71137b2a89a53df46cdb4deeb4e3d
Sha1:   426e12f0e8712db20afd2c54e77e1384074f3181
Sha256: 591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428
                                        
                                            GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:07 GMT
ETag: "9e41-5ed8cffe2d274-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12045
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (40474)
Size:   12045
Md5:    cdc93088cc6a33163d5501beeb7e2f34
Sha1:   7bff6d832259f16631f6e3a86c2aded975ffe51f
Sha256: d1546274f50a7f5170799dfc32fa05297fbeb7d63205fd3f38679de0b77c03da
                                        
                                            GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:10 GMT
ETag: "a884-5ed8d000bc6d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13120
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (43101)
Size:   13120
Md5:    ba8651f8b75f8f4904bfb98feb3a05f9
Sha1:   2b5717c8fee860602ea848af927362ae6d337dff
Sha256: 16f68830fee46a748674c3985f70fda02147d3c79b2c3767909117725cbb9b81
                                        
                                            GET /ANDYTIME/css/style.css HTTP/1.1 
Host: suntzuping.s3.ap-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         52.95.162.45
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: S2T1whLms0CfTOOpFuUGG5KLvLtMmjqZrccGsho0of19MU+VDwvfAgRvL4osGiiA9XaMO1ht4P4=
x-amz-request-id: BQMHC1C4R5XZSHG1
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 11:10:07 GMT
ETag: "e36d134cbea996d3de8ab018a80637a4"
x-amz-version-id: wBihXfvyUd4KA93H0ZjcdICHrVdYtK6A
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 104239


--- Additional Info ---
Magic:  ASCII text, with very long lines (492)
Size:   104239
Md5:    e36d134cbea996d3de8ab018a80637a4
Sha1:   b87bcea47410ba3bb578652d43f598e8cbf6cc2c
Sha256: 8d0b567a873a195677ff60eb0572a0ca5de60c81140e37020f9903cffbb870d4
                                        
                                            GET /c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8281)
Size:   3054
Md5:    bd88e76ae29c7192aa508ead47e1b662
Sha1:   da4c99f65a538018c35dd92598d42235c7a60ced
Sha256: 8a7b40eb6d5acaf0cf74e558c5dcf15ba252dcab24296c78963e2cd36334866e
                                        
                                            POST /g/collect?v=2&tid=G-WE60NPT82J&gtm=2oebu0&_p=1717614139&cid=1314831951.1669973966&ul=en-us&sr=1280x1024&_s=1&sid=1669973966&sct=1&seg=0&dl=https%3A%2F%2Fercaws.com%2F&dt=Egregious%20and%20Retaliatory%20Center%20for%20Investigations%20and%20Press%20Release%20in%20the%20ongoing%20Amazon%20Corporate%20Retaliations%20Campaign%20*%20Egregious%20Retaliatory%20Center%20for%20Research%20and%20Development%20Publications%20via%20Amazon%20Dev%20Center%27s%20ongoing%20Corporate%20Retaliation&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://ercaws.com
date: Fri, 02 Dec 2022 09:39:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?fit=1250%2C100&ssl=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-length: 2910
last-modified: Thu, 01 Dec 2022 22:51:34 GMT
expires: Sun, 01 Dec 2024 10:51:34 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "0d126b95052072f3"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   2910
Md5:    5768d4915eab3d21d8ed43fa865eac05
Sha1:   f7a2e820276f4dec081c3179374b20b274e16537
Sha256: bfe17647f978b6d4fbc6dcd7232d187770968b5142253d32840fb8c6d4fd9cff
                                        
                                            GET /ANDYTIME/js/ercawsg4.js HTTP/1.1 
Host: suntzuping.s3.ap-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         52.95.162.45
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: I66IcKBoTEcpb+Gy6PjiX0XjUt1fVDDenMesJvhlQYBU1gTrzfI3gQIVPrv2I+M7VznnFrNyb3E=
x-amz-request-id: BQMTZBEJP0QSAQ92
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 14:35:16 GMT
ETag: "d597bb1c362e84bafa57a28d0ed196a7"
x-amz-version-id: .O6jh0EqMGa07.sroIOok6_nN8fQbbWG
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 228095


--- Additional Info ---
Magic:  ASCII text, with very long lines (25492)
Size:   228095
Md5:    d597bb1c362e84bafa57a28d0ed196a7
Sha1:   4d96128a38d2e1628b214cd0de3c796505b19c58
Sha256: 6617b0aa9da229c29f421d8f6dddaf8e1d9876863105a66a272d6d64368fa388
                                        
                                            GET /ANDYTIME/js/FGP.js HTTP/1.1 
Host: suntzuping.s3.ap-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         52.95.162.45
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: KJBRmPdq+Vb26CGtuZmmfSFUbGckNFKKPRkkFGqFa7UHka8Hl/N7ESuCMptCvbR70I+g2yVvhMk=
x-amz-request-id: BQMX18BKCVS0JAAK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Sun, 06 Nov 2022 04:49:33 GMT
ETag: "50c3cf301af0cbc631ee4154a30d8066"
x-amz-version-id: 59GXm1rcLYcxJ5HZ9QvVFZDP9.LW58ns
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 227442


--- Additional Info ---
Magic:  ASCII text, with very long lines (25381)
Size:   227442
Md5:    50c3cf301af0cbc631ee4154a30d8066
Sha1:   69a65640d1f383244a1a3008de3853924921a15b
Sha256: 0534977781a48c11cdbd52a591dcb6cc9763fe31820f34a997d15baaea80786a
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:50 GMT
ETag: "12d68-5ed8cfedb0746"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 14:07:32 GMT
expires: Thu, 30 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 156716
last-modified: Wed, 11 May 2022 19:24:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:53:49 GMT
expires: Thu, 30 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 139539
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:08 GMT
expires: Thu, 30 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 137120
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEY22_CrdZJ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:06:01 GMT
expires: Thu, 30 Nov 2023 19:06:01 GMT
cache-control: public, max-age=31536000
age: 138807
last-modified: Tue, 19 Apr 2022 18:52:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21396, version 1.0\012- data
Size:   21396
Md5:    c4bbbdc1763c1c6d17d5839e95b5446d
Sha1:   ef7fc81754b7af13a3a9c2c37af76830043b566c
Sha256: 874cc7196b007e01a00c347039117d759fa88747384d4add0c7a4d6e92dd125f
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:39 GMT
ETag: "21f91-5ed8cfe3a4311-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35491
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive


--- Additional Info ---
Magic:  data
Size:   21564
Md5:    4ee7969ed0b27cfdfa176782a44af254
Sha1:   3078d8a5194d500709584effb07b0595f0a8d953
Sha256: 280d8155a402144e64924c1054936c0b67c5358d8a13b5ed65c6a12348d00c25
                                        
                                            GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:51:10 GMT
expires: Thu, 30 Nov 2023 19:51:10 GMT
cache-control: public, max-age=31536000
age: 136098
last-modified: Wed, 11 May 2022 19:24:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Size:   17032
Md5:    05a47f9e469d408c629f931cd33ff8b2
Sha1:   823f21f7b1d456db889c3afea393f0d2b9581c38
Sha256: 6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
                                        
                                            GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:56:18 GMT
expires: Thu, 30 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 139390
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size:   17368
Md5:    abe083d96b58eb02ada8b7c30d7b09f2
Sha1:   61447d66d13a8c8f4335696777a85c438c46f749
Sha256: db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
                                        
                                            GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:53:39 GMT
expires: Tue, 28 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 312349
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size:   16740
Md5:    e43b535855a4ae53bd5b07a6eeb3bf67
Sha1:   6507312d9491156036316484bf8dc41e8b52ddd9
Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
                                        
                                            GET /ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg?fit=1250%2C100&ssl=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-length: 3692
last-modified: Thu, 01 Dec 2022 17:55:18 GMT
expires: Sun, 01 Dec 2024 05:55:18 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "018669754290d736"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 213x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   3692
Md5:    63c54ffb06cb2993f945d37cf6b9e48d
Sha1:   b132cab0dcbf06d4a8be649b871e97b38925a276
Sha256: 836b53eb1a171603abd234b0005ad1f53b04bb49d91c307d7ba9c9a671ba882c
                                        
                                            GET /wp-content/plugins/gtranslate/gtglobe.svg HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:31:46 GMT
ETag: "1965-5eeaa423a4c52"
Accept-Ranges: bytes
Content-Length: 6501
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (6096), with CRLF line terminators
Size:   6501
Md5:    d00f0dac15b45bdd1c42a6617a116279
Sha1:   135fe1d19bc45581318afcd8ceee480343e3a40f
Sha256: 33b904cd2bd9a5826ae66e27aad776396dea95934c78f8561b0e213ee7a4d9df

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png?fit=1250%2C100&ssl=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-length: 14578
last-modified: Wed, 30 Nov 2022 22:00:34 GMT
expires: Sat, 30 Nov 2024 10:00:34 GMT
cache-control: public, max-age=63115200
link: <https://d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png>; rel="canonical"
x-content-type-options: nosniff
etag: "8580f317660bf113"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   14578
Md5:    f0bc137f732c5d90a54546c58373d215
Sha1:   f2fdb4efa40e067cc60fd249a74c0cb6cac68e2b
Sha256: 1cd2c47d1cecc494a339fc918a8668a17865ccd01e9b551b13911a6ae24ad525
                                        
                                            GET /g.gif?v=ext&blog=211658399&post=87044&tz=-6&srv=ercaws.com&j=1%3A11.5.1&host=ercaws.com&ref=&fcp=3365&rand=0.6051160630546075 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.76.3
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            GET /ercaws.com/wp-content/uploads/2022/10/selipskyjap.png?resize=150%2C150&ssl=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-length: 23934
last-modified: Wed, 30 Nov 2022 21:54:56 GMT
expires: Sat, 30 Nov 2024 09:54:56 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/10/selipskyjap.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0577fc3f2957a21d"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   23934
Md5:    a3f8e7de210c0316d604384a984698d8
Sha1:   21035660fd86b7d64600bdda8d7babb3158f76dd
Sha256: 6952c5b734df94b7c6ae0756715fafb41092962e21f088fb7d007080b7c45842
                                        
                                            GET /ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?resize=912%2C912&ssl=1 HTTP/1.1 
Host: i0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.2
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-length: 79142
last-modified: Thu, 01 Dec 2022 22:51:34 GMT
expires: Sun, 01 Dec 2024 10:51:34 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "3f402fe4fc2fbdd5"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 912x912, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   79142
Md5:    f680d3fc2083c3802c4304aec52210ed
Sha1:   8d2091a698ad49e3e67d3ae0968732d42159532c
Sha256: 947eda1735c61dacfad32cde136a5ff6e6facedc07a91abadf025d8198a42797
                                        
                                            GET /wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "34ec-5edc49a9350d4"
Accept-Ranges: bytes
Content-Length: 13548
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13548, version 331.-31392\012- data
Size:   13548
Md5:    4a74738e7728e93c4394b8604081da62
Sha1:   fb9648469530a05fa9aac80e47d4d6960472a242
Sha256: ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2 HTTP/1.1 
Host: ercaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         34.125.198.6
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:15 GMT
ETag: "aeb0-5ed8cd1e16db5"
Accept-Ranges: bytes
Content-Length: 44720
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44720, version 1.6553\012- data
Size:   44720
Md5:    1cd48d78f06d33973d9d761d426e69bf
Sha1:   718dd740e8340888352129e592fed085409e891e
Sha256: 9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1 
Host: c0.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         192.0.77.37
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size:   6336
Md5:    74094ad225231604e8465186a0559e7d
Sha1:   e61965cec2001573a127724c2686ef30de7e2942
Sha256: b49a311c6b9b77b55fd11a35bb867bcca132e29584185b891a68c910a848ab18
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1 
Host: ercaws.com