Report - www.ercaws.com/

Report Overview

Submitted URL
www.ercaws.com/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-02 09:39:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
82

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	922 B	557 B	216.239.34.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
c0.wp.com	6988	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.9 kB	58 kB	192.0.77.37
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	21 kB	142.250.74.46
www.ercaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	902 B	188.114.97.1
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	2.4 kB	192.124.249.23
ercaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	28 kB	3.8 MB	34.125.198.6
syndication.twitter.com	833	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	1.9 kB	104.244.42.8
suntzuping.s3.ap-east-1.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	674 kB	52.95.162.45
i0.wp.com	3021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	166 kB	192.0.77.2
hopelessness.awslegal.us	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	706 B	35.163.237.190
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.5 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	15 kB	142.250.74.106
secure.gravatar.com	1671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	88 kB	192.0.73.2
platform.twitter.com	597	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	28 kB	572 kB	93.184.220.66
cloudflareinsights.com	84344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	933 B	814 B	104.16.57.101
cdn.syndication.twimg.com	1363	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.5 kB	93.184.220.70
pbs.twimg.com	624	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	22 kB	151.101.244.159
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	205 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	62 kB	34.120.237.76
pixel.wp.com	2545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	503 B	239 B	192.0.76.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.2 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.240.159.184
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	5.0 kB	143.204.42.158
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	45 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	www.ercaws.com/	Phishing
2022-12-02	medium	ercaws.com/	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1	Phishing
2022-12-02	medium	ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/uploads/elementor/css/post-8.css?ver=1669820273	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/uploads/elementor/css/global.css?ver=1669820273	Phishing
2022-12-02	medium	ercaws.com/wp-content/uploads/elementor/css/post-87044.css?ver=1669931780	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519	Phishing
2022-12-02	medium	ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0	Phishing
2022-12-02	medium	ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gtranslate/gtglobe.svg	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2	Phishing
2022-12-02	medium	ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2	Phishing
2022-12-02	medium	hopelessness.awslegal.us/d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_4dF2mc1WKS0ftWSEz6HYksTT89UH6eIkTHXtrN3lyEQHTNUfCzNA5bZbdJTx9c1NPy7JkbagmGSjNyl6ualQT6eCOiL90n-NmrEDk8wfAvPJo8q2AofDCwkkEajgmPGDupvCb_XdtYi--C5qJAbot98o954c3p5epQXsA2l637YrJBdvMSH2S	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (89)

	URL	Size	First Seen	Last Seen
	ercaws.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1	40 kB	2023-03-08	2024-04-15
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen724 Hash 2331d602370faa61829c8aa628996c7d e097dda010d924637e9c9f906be7653ae2d29343 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d Loading...

	ercaws.com/	31 B	2023-03-07	2024-04-26
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:43 Last Seen2024-04-26 13:23:22 Times Seen481 Hash 4157bf26a5609634f3f2c1a8377c9deb db23b4aed4cb5b8fea2e78d0568308d0b8bba67f 27b2ab69381ccff549a515e554b6255aa0d071150c1b9578714ebcf8c243ce85 Loading...

	ercaws.com/	67 B	2023-03-08	2023-09-19
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-09-19 17:56:43 Times Seen6 Hash fdf5293ee3824e56d01f8408a22959fc 8970e1bcc5d55a05e61978f4d8dee437bc564eb0 2041630c09331326be416cc44ba148a912ef2cf531077bd42dcfe884f9226953 Loading...

	ercaws.com/	40 B	2023-03-08	2023-09-19
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-09-19 17:56:43 Times Seen6 Hash 542d79478785995629275163ad447a13 014a9b6b3927f873afe49e0a2834426461960570 636663598b8437ec504ae67cadbddee9c06c9ebc13bd7e74c30a3d394a87809b Loading...

	ercaws.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836	11 kB	2023-03-08	2024-04-09
Pretty URL ercaws.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:26:33 Last Seen2024-04-09 17:29:02 Times Seen124 Hash 670400ecee852ba2a3ff7fea4845a326 5e26b3646e270d6fdeec8261a8ead2edd0dec398 070b943db88a9b02b0f8aa48f8f650e89fad00c2747367923f939c08436c25f3 Loading...

	ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0	13 kB	2023-03-07	2024-01-09
Pretty URL ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:27 Last Seen2024-01-09 21:39:31 Times Seen22 Hash 0767a9c7495d17c9426b097fa00891e3 48a9ab71b4d12275d1172e262547cc9db09d0f59 3243cbb9ee9cbf19067f27bfdc067d4b8037f7d80783603b5bd0bdd7b51ede04 Loading...

	ercaws.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	11 kB	2023-03-07	2024-04-26
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 17:32:09 Times Seen5362 Hash 4eee50ac6f4f364ba3a284d0753ddae3 a8e7e824e6824ae0b370ff36e2c07ca07276fae0 b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe Loading...

	ercaws.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8	754 B	2023-03-07	2024-04-25
Pretty URL ercaws.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 13:07:05 Times Seen2671 Hash afb55c29bdbcfc262d9fa56743572cad d4b6cb9df2b1b5477cd968fb05cf5faa1d13d6bf c30dab20b677f2b13f42a4a04385a3c6d380fa023a4a1c32f45f2996e152bfba Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js	11 kB	2023-03-07	2024-04-26
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 23:19:42 Times Seen68682 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	ercaws.com/wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1	1.7 kB	2023-03-07	2024-04-24
Pretty URL ercaws.com/wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:10:13 Last Seen2024-04-24 04:44:58 Times Seen277 Hash a7a8d2842f52b7bccdc89629adfd608e 11584450a99bec61d0ccfc20d9dd012e6d6e49d6 61a0ac67b41038638903ed661ac8e5c64e48c584e70dd500aab9104776c5a0f4 Loading...

	ercaws.com/	263 B	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 695deb344ce946e0ea0fd950504c920b ab9811daab881fb483de7fe048e906fa1bb06ece 9b93dadc2760ecf1cd7162954f4c9fbcca9d8e0fdfb5584573a03e92ed9017ae Loading...

	ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0	5.6 kB	2023-03-08	2023-03-08
Pretty URL ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 6714ea56466da74e6777c8f64483839f 8458fb5b937ac2f91af6e203fd89a6d54e623abb 85d01b6a387047e195edcf6bbda4c3e77a99a1357445584128f3058d95c1d4d8 Loading...

	platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js	36 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 23:35:36 Times Seen1 Hash 7e00685696fb67fc183a52902e1e0152 a9d750f57d36660ebfb37130d6768eda3e5089ce be14f9fbd4d1cf53e45577613f25071c17cd66a5c14c9b6ab5f08d067e9ce36b Loading...

	ercaws.com/	25 B	2023-03-07	2024-01-21
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:06 Last Seen2024-01-21 11:32:33 Times Seen82 Hash 31f74a09e71c6c94c9fac6a267f667c7 15874b8b3b3b322f14eb5ebf3b4eafbf98d71031 5daf1b58c9601994156a743febbb95fefe102f1d8ee1b0770a2d85b4d58238ff Loading...

	ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-04-24
Pretty URL ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3136 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	ercaws.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	12 kB	2023-03-08	2024-04-24
Pretty URL ercaws.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3481 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519	2.4 kB	2023-03-07	2023-11-17
Pretty URL ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:16 Last Seen2023-11-17 22:38:51 Times Seen8 Hash c54df77e4452df42245b911e7367341c 986ce78ecd8099abe1b888f840a169b7e9fccd14 53bc781391e5de261abc5e73ef03aeeb3026ba227d488407d41bbbc6eb527986 Loading...

	platform.twitter.com/js/tweet.495a42551da1e5c4c5171224e18a5a07.js	7.5 kB	2023-03-08	2023-03-12
Pretty URL platform.twitter.com/js/tweet.495a42551da1e5c4c5171224e18a5a07.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:55:20 Last Seen2023-03-12 20:51:10 Times Seen1 Hash 090b14bdcf073940eb641311b50eb08d bb4aaa6bf69c7baa8e2c67abbc329787a2dcfc2d 251feee5dacd7cd6acb23ff9f266b3a4a5407369b24a56b97dc041ccf918adc6 Loading...

	platform.twitter.com/embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js	5.7 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 21:10:15 Times Seen1 Hash 1e6da137b0a22a9eb6bd69995d23b770 76edce404835dfa998729627700fec707fecc9c6 5cc8727e6606c6db8c1e299d45bb0ab7eabb46de252ef4790c8dbe1756bc41d1 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js	21 kB	2023-03-08	2024-04-26
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 23:19:41 Times Seen9816 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1	867 B	2023-03-07	2024-04-24
Pretty URL ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:10:13 Last Seen2024-04-24 04:44:58 Times Seen232 Hash 6a65d3d8b360253a8e258472ba462a2c cee8b3a1d355c676851d09b3bc6a2258df8c1a4f 1f16361771d04cb3e0729f5f2574589dda5376639b16c943c1c32dd7f1912d0c Loading...

	ercaws.com/wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c	7.9 kB	2023-03-08	2024-02-11
Pretty URL ercaws.com/wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2024-02-11 08:58:18 Times Seen1 Hash aa33abc020c981a59be0254a7eac5294 e39a48a7985ef5dbba16e482af6eb882bd5e8728 8f091e3c2d8764462c91be140b039afa75f921b44de573fd9ded170b42d78eff Loading...

	suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/FGP.js	227 kB	2023-03-08	2023-03-08
Pretty URL suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/FGP.js IP 52.95.162.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 50c3cf301af0cbc631ee4154a30d8066 69a65640d1f383244a1a3008de3853924921a15b 0534977781a48c11cdbd52a591dcb6cc9763fe31820f34a997d15baaea80786a Loading...

	platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js	20 kB	2023-03-08	2023-05-05
Pretty URL platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:55:20 Last Seen2023-05-05 23:56:05 Times Seen248 Hash d3483b9c737e990765e6ba56d01154a3 dc4d5ba11e915263cb1b5da869fd7f306d3c5a64 afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d Loading...

	ercaws.com/wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2	838 B	2023-03-07	2024-04-26
Pretty URL ercaws.com/wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-04-26 22:53:04 Times Seen3767 Hash 49cea0a781874a962879c2caca9bc322 72c1650de2b93ef320d2db873fbb473fe360269c 57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37 Loading...

	ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2	15 kB	2023-03-08	2023-11-19
Pretty URL ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-11-19 06:23:54 Times Seen18 Hash 66a628762429eefce72e04e4c26bb761 b6f251616c2b37f027849657af82c0f6cab5405f 3ae65f1d1d62b79d05e0929141e60734b4284bcd55d730f523118f479237e9de Loading...

	ercaws.com/	2.8 kB	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 15158cdac29027f3ba1ff30161d2703f 747f2771cf95be63666bc116765f0170ed0be6d9 2ad199abcc84c17c4bf9aa6a80117c7528b91a32e7a1040d0f857075035604fb Loading...

	ercaws.com/	84 B	2023-03-07	2024-04-27
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-27 00:42:25 Times Seen3216 Hash 7f215c9370788561e1b9e30dd40697ef aca5a8d9d6bae876f32a5b9fb7d1d948afe855b0 eed9d591cae9c609fb97d73f7fe3d192432da0246d97bbbad6d0de0a1bc0cc2d Loading...

	ercaws.com/	153 B	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash fcb32d294b14127ae46cae33087e2a14 1a025230fee3cc846c909f6dde77865be753e43c 1c6556b8b297dbf3ebc2a8ed9fb369e1d982c5d842bade69ee8667c7175abf44 Loading...

	ercaws.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	139 kB	2023-03-07	2024-04-26
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 22:46:47 Times Seen23173 Hash 15bb2b8491fc7e84137d65f610e1685a cd76b70a5426893e9c022b9a75c50a7c1348e2d0 b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Loading...

	ercaws.com/	70 B	2023-03-07	2024-04-27
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-27 00:42:25 Times Seen6545 Hash 4ff152a840e29705f2933718a2571bc3 6c7ed239bcd74ab7a0ea03b3dd4ab74ffceaff49 e426295764322c0b4d881b5da28c2591e9ff651fc07636da1e2979a62a2f349c Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js	1.4 kB	2023-03-08	2024-04-27
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-27 00:42:26 Times Seen24469 Hash 19d386c9004e54941c1cc61d357efa5d 0a77594006c8d86fdcc0adbc2b9aecaef3869586 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js	6.5 kB	2023-03-07	2024-04-26
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen15502 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	www.googletagmanager.com/gtag/js?id=G-WE60NPT82J&l=dataLayer&cx=c	229 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-WE60NPT82J&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 0f59ff9ddc0fc068958252ad56aed55d d2077a9b2394af4c73e1970cac4371a6fdd6eeb0 8531811d21d9af4200f8c457b94458231ed0439a92864aeff92ff82e15caaf40 Loading...

	ercaws.com/wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a	5.2 kB	2023-03-08	2023-11-17
Pretty URL ercaws.com/wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-11-17 22:38:51 Times Seen4 Hash 21fdd0a4da05c52ae9e44677c0160242 d885bec21b9326528748aead3d47ce0fe8986b45 af966d58b47e0a095bed432c4d98aea7514cf8088859c398dba0d6d6db7b469a Loading...

	ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1	33 kB	2023-03-08	2024-04-15
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen658 Hash 48b7a16ab38005edf9c9964313ce1cd7 8b8569d937aac61fd792b6c68fca974e3cdd94ab 5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7 Loading...

	suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/cloudsflaring.js	17 kB	2023-03-08	2024-02-28
Pretty URL suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/cloudsflaring.js IP 52.95.162.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	platform.twitter.com/widgets.js	99 kB	2023-03-08	2023-11-01
Pretty URL platform.twitter.com/widgets.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:38 Last Seen2023-11-01 12:31:04 Times Seen3 Hash 6633f9603c759c40d9b200995454f17c fc66d8b06e41ccb007fb52884aba2addfc931cbd c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12 Loading...

	ercaws.com/	2.1 kB	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash e98c34179f966e62c297b3aed18d1cdd 53e7e5269d72b957438ec68a3cdffe2af5be0a64 266db6a6f39379ef1db70922379949c5cab3f6eff3a748337473eadceb7ae01d Loading...

	c0.wp.com/p/jetpack/11.5.1/modules/wpgroho.js	2.0 kB	2023-03-07	2024-04-26
Pretty URL c0.wp.com/p/jetpack/11.5.1/modules/wpgroho.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-04-26 16:08:29 Times Seen486 Hash c1fafcf478e9f5d874558524ddade40a e6aa77fbcc1bc2739f9f3742523b7ae623e9691c ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708 Loading...

	platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js	3.9 kB	2023-03-08	2023-05-05
Pretty URL platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-05-05 23:56:05 Times Seen194 Hash 9b4625539e420d3aa9e7164c41134250 d0831a042e05b94ed885df5345e5b295fd2b00de d1c0a4cad147f203a808aac602d7206b03cd903c025c887f53042f09b87c2f80 Loading...

	platform.twitter.com/embed/embed.9814.a261bea3d494c6cc4944.js	19 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.9814.a261bea3d494c6cc4944.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 23:29:26 Times Seen1 Hash d9a1f416196d542ccf4c35f6c3524a50 dd85bb04ab286dc1f12a1bb709c5d962e66b1202 5784433ffd65208aea299a63a89719ac3c515fb94142f3f20a6fc1666172361a Loading...

	platform.twitter.com/embed/embed.1237.a99a45a33daaad84b2b1.js	457 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.1237.a99a45a33daaad84b2b1.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 21:10:15 Times Seen1 Hash 234c10af19046651f3f036074c186c32 1a1e6561e8da4af46c94708d48a222c97e212d8a bb4143ff19e23365c5bb7d1c42483e9ec415f85e0531c8d363e264d3db4f0f88 Loading...

	platform.twitter.com/embed/embed.ondemand.Card.d726ccd66212511aa7d9.js	1.8 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.ondemand.Card.d726ccd66212511aa7d9.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 21:10:16 Times Seen1 Hash 85a7e7691345fef90a94be2cc5dee1da 0e152f01261c2a61fc6567bbce1f862a73e35745 535f0b6c396d4bf404f804e47c1b6265bbcdc5632548895c26b13cfc90a0992d Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/menu.min.js	10 kB	2023-03-08	2024-04-25
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/menu.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-25 15:09:13 Times Seen1114 Hash 087a7b1f3a0e6e458e47752247dea77f b50dc9b67f2440a0f7fd6369c0d0da9eb35f8f77 03a76dde100a17b38d2eaf65bd9d75ca09369d5d601e4262db5696778e930657 Loading...

	ercaws.com/wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2	321 kB	2023-03-08	2023-03-11
Pretty URL ercaws.com/wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 15:26:52 Times Seen1 Hash 8613bee37b35d92956c40ea72420e317 a8c1194d217d6633541882d0378ce2cbe7ae5042 d1566ac3f7f42f6e5e76b92a8600a40952de7af8f7bfe86f97cf0fa486c9e888 Loading...

	suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/ercawsg4.js	228 kB	2023-03-08	2023-03-08
Pretty URL suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/ercawsg4.js IP 52.95.162.45 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash d597bb1c362e84bafa57a28d0ed196a7 4d96128a38d2e1628b214cd0de3c796505b19c58 6617b0aa9da229c29f421d8f6dddaf8e1d9876863105a66a272d6d64368fa388 Loading...

	ercaws.com/	2.1 kB	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash bf5003ced1fc505851c4727bed0f362d fc1fb4ad85dd72967044dccef303ea4026a94b46 e4eb0e504e844e35b94b8daae375cd65f2e50c2aac29f588706d92b2c8d6c3c3 Loading...

	ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	ercaws.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1	43 kB	2023-03-08	2024-02-03
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:56 Last Seen2024-02-03 17:57:52 Times Seen207 Hash ecbb36c3ad3be14e777b453ce278557b 11611ee478e60ecf2cd969c37bc55da1e1dc9ba4 689cd339b9de5d18314f13848a05a7ede4548ae9e30673035d1302da6d139ba1 Loading...

	ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1	3.7 kB	2023-03-08	2023-03-08
Pretty URL ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash d9e33c88a4f53c8a21ecc97a732bda49 094683aad13111792e64c4fa6af97cc71e91d22d 768888516d786fdff3fe0590927d4d9eefc16ae7833ab91b638cdbad2ed10f5f Loading...

	c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js	685 B	2023-03-07	2024-04-26
Pretty URL c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-26 15:31:28 Times Seen3123 Hash 24626ac4453bf45fe07e6c5d4e859fbd 9adbe5e7a5e1b5fb19aee82a9d765631b62ecb2f 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07 Loading...

	platform.twitter.com/embed/embed.8734.99512c4cbfe74f88ce1b.js	223 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.8734.99512c4cbfe74f88ce1b.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 23:35:37 Times Seen1 Hash 9f88284fca343c40329bd4316da52c58 6b59fac1fc64e1b71c561f4888f7e3fff962e0bc 556f28efe495b17574cb3c7a36dddcec82956d74b532119cf2e0eaf51361e0cf Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js	19 kB	2023-03-08	2024-04-27
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:29 Last Seen2024-04-27 00:42:26 Times Seen41523 Hash f88d5720bb454ed5d204cbdb56901f6b f1952292fde4b15936e9aac16b2b9896684db95b 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a Loading...

	secure.gravatar.com/js/gprofiles.js?ver=202248	24 kB	2023-03-07	2023-05-02
Pretty URL secure.gravatar.com/js/gprofiles.js?ver=202248 IP 192.0.73.2 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:49:13 Last Seen2023-05-02 07:05:44 Times Seen256 Hash f6657906cfdd038662a1c24aa61ca8ba 3cbc263ef767cd036571d3c81bf14a3518bdd8f2 1a72c573becfb1e8529cc987d0508245574afed28a710b3ca816d0f52028c66d Loading...

	www.googletagmanager.com/gtag/js?id=UA-230057426-2	115 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-230057426-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 85c452f23c78fc6bd69b6de5a93b34e8 1ff1ba9f9a984e8a468aa5fc4c03cf72f87aa2bf d73cbdc3c793e143b08fbd4b30a426ec560607eb532bfb01c7e385a77804a94e Loading...

	ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1	15 kB	2023-03-07	2024-04-27
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-27 00:37:33 Times Seen16397 Hash 7a5dea0a705cc2f4cd87dbaaa6666bc6 678bc6f750f13adb29bbc158eb0d9cd813b736fa 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264 Loading...

	ercaws.com/	153 B	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash cda0d187160495ccd7722fce7ef1b318 505bb25d6edd40815f3eba28121335271bd946be 277f1faafd9cdd95fe77226da1bee95fa234440237b4c4a4488c915ff129de46 Loading...

	ercaws.com/wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf	460 B	2023-03-07	2024-04-22
Pretty URL ercaws.com/wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:32 Last Seen2024-04-22 23:08:02 Times Seen106 Hash 965cb81a9d022132c2986568a4731309 62f1e4cf3e2940a2bf2101bfa3b0592e6c87037a 52d995270969aed722e4e20184d2d424f0e1afb1040ef2273549bf0ba7c75d07 Loading...

	ercaws.com/	365 B	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash f0d594af43d339331aadfef79e3fb344 4844f12eb55aaf451b177582d0cb347c0f672fc3 f16b1cbed3040fa1474a12d847c39ec057694307d57e45a63a2c27fb078f748e Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 01:32:12 Times Seen37107747 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ercaws.com/	68 B	2023-03-07	2024-04-27
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 00:42:25 Times Seen22500 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/bootstrap.js?ver=6.1.1	37 kB	2023-03-08	2024-02-14
Pretty URL ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/bootstrap.js?ver=6.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2024-02-14 11:36:03 Times Seen7 Hash 9ff12f8df35065e7221c5da316c773ee ea5e64b9fa979880306f24e0d0695303e1c2648b 3c4ac435c16ba54e851a53ed658734c69795551abe2015513e3219638763cca4 Loading...

	ercaws.com/wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2	229 kB	2023-03-08	2024-02-13
Pretty URL ercaws.com/wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:49:57 Last Seen2024-02-13 14:03:00 Times Seen81 Hash 78738e942eada72e5b86f87aea841038 b23d81cbd67605244b6cfdf75fa6c138a931638b 1974aa8dc7ee698fa91cdaf8112055c2ed733eca5aa82ea86b598ac21b4e84ed Loading...

	ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1	2.6 kB	2023-03-07	2024-04-26
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-26 00:33:29 Times Seen11301 Hash 020e87460ce58802842e34a3aac97d83 d2eed5f7573c0bd640fb9f125b6bfedf43ebf9b9 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47 Loading...

	ercaws.com/wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2	72 kB	2023-03-08	2023-03-08
Pretty URL ercaws.com/wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash f6debd04c0391f2bd14aec9f6f22c178 6d038856b57af1fecf55db634ebc0ba9311501c0 db575430992f1b47d8a5e254130359269660d486fedf584cb8f728ae5f96cd2d Loading...

	ercaws.com/	34 B	2023-03-07	2023-09-20
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:32 Last Seen2023-09-20 07:08:45 Times Seen6 Hash c222cb53cb85997859795b85a758dd25 6f0128a40b21651016dc6d1abe3ca9eb9b49ce56 5667f86f263b05b3b2397d2ccb4210c218454a4c41ea54f8c25b67608aa28d25 Loading...

	platform.twitter.com/embed/embed.7796.9998e0c1f229690b022c.js	550 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.7796.9998e0c1f229690b022c.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 23:35:37 Times Seen1 Hash 91d4ffc30ea3fdac95031ed78df9342d c363ec1b2806988a7eb3cb9306376d6d541c2f64 99d9e1fcf64e5dd3fa0ad7d443dd7b0aafd4ac0272b976462483a67dda181c89 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-04-26
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 22:15:52 Times Seen31837 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js	71 kB	2023-03-07	2024-04-18
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:10 Last Seen2024-04-18 12:49:19 Times Seen1019 Hash 1ca735a2bc6289de8c31917a50f9442e 04021574593449fdddbe29a58b3041c9f861bec1 be7a8a75a7a589c5a1747ea85846bded2393219f42478979c91b86d2ebbea94a Loading...

	stats.wp.com/e-202248.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202248.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1	18 kB	2023-03-08	2023-03-08
Pretty URL ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash b2c8f082c0bacc2147c2dd4f011764f4 a178bb0fbcbf72b0e76c5b9f7b3f96ac440cc07f a998fe86a5b9cd0cdc8ffffbfdf3e1733a988b2c892a5c3d3ab662cf8c1fe202 Loading...

	ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b	4.5 kB	2023-03-07	2023-11-17
Pretty URL ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:57 Last Seen2023-11-17 22:38:50 Times Seen10 Hash 484790b0f7e5999befd6c265dfec415f 43448f763d48f888969d8d0c6d905e39371ee0d5 9d7433136b91d8f06c22ffea782b6bee6ddbfaa1805bbde6053044675e31b4d1 Loading...

	ercaws.com/	68 B	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 9101691fcf55e505cbd6812eff9bef6e c098710b4ebc9ec8ad2a3b04ced7f2f158b23ce5 664ec304dc2ce1d0c709999deb16a59369efea19dfad2794df691a9aedb085e3 Loading...

	platform.twitter.com/embed/embed.ondemand.Tweet.729f47795b687a372bb8.js	82 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.ondemand.Tweet.729f47795b687a372bb8.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 23:35:37 Times Seen1 Hash f746145cf62856ee8c49dce22284232f 76c888abee38519eff37b2e82bfb5d08e1db764c 1f1c7c3e4898ad34e94dce4f061d61e853a040acc68fe495bb4f1df010031dd6 Loading...

	platform.twitter.com/embed/embed.runtime.485c27f9e5e27d54d810.js	9.5 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.runtime.485c27f9e5e27d54d810.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 23:35:37 Times Seen1 Hash ad6866429f67a17b67a1a2c2074558da f137779c4102cd2dde830704fc6be8a9b6e9aa69 071087359b845d56806fca70c2b49b0b095dba96a7b0d69f6c68dd11cc987d72 Loading...

	ercaws.com/	616 B	2023-03-08	2023-10-18
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-10-18 19:48:11 Times Seen3 Hash 54eb08a395a692f387f04c4a047ebf24 b65cf2b10dde890d4dcee48e16d2d4b2adf0ac81 2046274a8adc60261ebbbba98c8231177b52e2974ce963060c03f71b9e29dec1 Loading...

	ercaws.com/	98 B	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 29e2a28a055befa44c8fd829e1edae60 38b97ae96a478555db472637269068e2cff6ed1c 3208a2bcaa062cd990faf2eba3639c5b74f1ea3800611e299ecd36ca649a24be Loading...

	ercaws.com/	237 B	2023-03-07	2024-04-26
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:41 Last Seen2024-04-26 02:04:43 Times Seen293 Hash f7399a37c0eb36ca82f20b7e877e9204 ae3f71c945626963019850471c89bbaacd02e60a 289f6b251ca2f56c00b4a2414b43fb269df78831536af59dac8e36a75d51f217 Loading...

	platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com	327 kB	2023-03-07	2023-05-03
Pretty URL platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2023-05-03 22:50:00 Times Seen3 Hash 26599e03fbd14de8182dfc6fb71ab446 00642f9520c1d630f6474a3f910a3444d8e8d589 2af340a08ce2caffa6df9a38412f1df460199ea76e4bc1fe3957cc3ce2962518 Loading...

	ercaws.com/	33 B	2023-03-07	2024-04-27
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-27 00:51:52 Times Seen1529 Hash ae102032d8c0b6b5103eb65fd248e103 a5cec2c40acbcdcf04b09458216536c1c9cc3550 001ae1638da9369dd2b89e34f64ebad10b5aafc9d916727005071a48b2d48c85 Loading...

	ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1	5.0 kB	2023-03-08	2024-04-15
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-15 22:34:30 Times Seen647 Hash 562ad59077018eb139d1f46afd69a050 d33c188f7d0f306b8a0ede1e3b67a0edb7be8966 f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb Loading...

	ercaws.com/	193 B	2023-03-08	2023-03-08
Pretty URL ercaws.com/ IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-08 14:35:25 Times Seen1 Hash 9badb9cab55563b899d3b6f2a0bfadb2 c72b5636d0523b345961908c100ca7fa916dab42 2b8e4c4b1f476a3fbd96e1f6f6356ff0ba48cc3da3be4fe95955eec6007bce29 Loading...

	platform.twitter.com/embed/embed.Tweet.9322608e67b7ed28d6a5.js	18 kB	2023-03-08	2023-03-11
Pretty URL platform.twitter.com/embed/embed.Tweet.9322608e67b7ed28d6a5.js IP 93.184.220.66 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2023-03-11 23:35:36 Times Seen1 Hash 3e76826422814815e69455c94a8a55ee cc650cf51c58b0908fe2c49e2b0ee0ac8a68cc25 08ff36db5cfc952e7a10ec2b66266c32b160ade4121358b4b127473a537c0e72 Loading...

	c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js	8.5 kB	2023-03-08	2024-04-25
Pretty URL c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-25 15:09:13 Times Seen854 Hash 99017cd1ae098d1e3ad215171ca48290 2c4c8affe6e8deee8bd8b89c0d44d456b9438c63 3c891891a2abfdb8f5ef8f4b1e4e3c25013d934ca396fe8149e6626cc4ea1888 Loading...

	ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1	8.2 kB	2023-03-08	2024-02-06
Pretty URL ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:25 Last Seen2024-02-06 18:58:02 Times Seen436 Hash c231e2d4df09051707e231a01de03039 0eaf0050061bccfa5f8cc968174ade12320c3b14 af8a8cd98214ed3d7760402ffa8b8804b073b4bf95d887ed7e81a50f826b523b Loading...

	ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49	9.6 kB	2023-03-07	2023-11-17
Pretty URL ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:57 Last Seen2023-11-17 22:38:50 Times Seen8 Hash c1e00126af5599b6f1af149059a13be5 c910df47dd90d441aee522030b79b15f0e9cb10c a3395391d9f0dbc048fc380e19e3a6d60f213c5371a76aa48404c110a7f2eb40 Loading...

	ercaws.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-27
Pretty URL ercaws.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 34.125.198.6 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-27 01:29:53 Times Seen52839 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

HTTP Transactions (183)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7545
Expires: Fri, 02 Dec 2022 11:45:09 GMT
Date: Fri, 02 Dec 2022 09:39:24 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 448
Cache-Control: max-age=89956
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:24 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:38:40 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12622
Expires: Fri, 02 Dec 2022 13:09:46 GMT
Date: Fri, 02 Dec 2022 09:39:24 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 09:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1273
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Wi2uzNK3QXMIxisfE7resMjMtkuqPifLSKiXxwwi0ZZ/4GcvUQ3uMEh1rP5GMV/Wfhc7JOxAXnc=
x-amz-request-id: KJDP7NMTCV4DDPW1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 08:46:03 GMT
age: 3201
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.ercaws.com/

188.114.97.1

302 Found

283 B

URL HTTP/1.1
www.ercaws.com/
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
283 B (283 bytes)
Hash
ecd5915136c9266dee7fb25c781d435d
9c5a5655715bed2c905a6a6b5ebcabe20e0366d2
5a0d8a4c5d2d938e95edfe3d74ecb8b00f6d149bfff47ef86a28c9c394290a9f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 09:39:25 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://ercaws.com/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAVTI2%2FJ0Eiw3OL4Cf%2F9NqfT8zDGRpFd1%2F8Pu4grxIxfEqS7QjqrvoOsqjFAeNhFNcWIlgYitLsfOSN8amrKHXIHB5Gj%2FgT09S%2Bf9sUO5VM9utVWgkdYiwrJgMZT6nvCuw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7733185f4c9cb511-OSL
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 09:08:57 GMT
cache-control: public,max-age=3600
age: 1828
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
8f434d98f60ef4c27b2048650ba56d7e
fd8a1861f95b2e238a793e87ccac6bdb0578175b
b4efb69ef3cc97daa66afc6153b38164b91b4412d4afeaf4fb9ba3c6a3ff00ec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 09:39:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 04:50:25 GMT
Expires: Sat, 03 Dec 2022 04:50:25 GMT
ETag: "fd8a1861f95b2e238a793e87ccac6bdb0578175b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 446
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:25 GMT
Last-Modified: Fri, 02 Dec 2022 09:31:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.240.159.184

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.159.184:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +FxtrKNGyhXNAYM2lItHzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bHbdmm/rwsgbbJ5MnlYPc8gCwaw=

c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css

192.0.77.37

200 OK

217 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.5.1/css/jetpack.css

192.0.77.37

200 OK

16 kB

URL HTTP/2
c0.wp.com/p/jetpack/11.5.1/css/jetpack.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
16 kB (16055 bytes)
Hash
3464ae1e83aaddfb763bcd5f5fa9e7f6
2bd95060d73d7f454f92544dc260deeb01756b20
cf61093034d5671e71ba19d5b4b385867cc03dff75eba541c0c721069c914945

HTTP Headers

GET /p/jetpack/11.5.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:51:34 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ercaws.com/

34.125.198.6

200 OK

43 kB

URL HTTP/1.1
ercaws.com/
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3291), with CRLF, LF line terminators
Size
43 kB (43181 bytes)
Hash
587b8a97dae80782b6d1226b18d3cd8e
3856bfc867343e1b8294c7c93095a2b4732913a4
f69798b69639e11ef3a98c033062e2bd7f37301207840fbc17ca67bc550fb696

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:25 GMT
Server: Apache/2.4.41 (Ubuntu)
cf-edge-cache: cache,platform=wordpress
Link: <https://ercaws.com/wp-json/>; rel="https://api.w.org/", <https://ercaws.com/wp-json/wp/v2/pages/87044>; rel="alternate"; type="application/json", <https://wp.me/Pek619-mDW>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 43181
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ercaws.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

34.125.198.6

200 OK

972 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
972 B (972 bytes)
Hash
8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:41:02 GMT
ETag: "aab-5ed8d67444041-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 972
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ercaws.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1

34.125.198.6

200 OK

299 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
299 B (299 bytes)
Hash
1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:31:46 GMT
ETag: "2b5-5eeaa4239bfb2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 299
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1

34.125.198.6

200 OK

710 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (2635), with no line terminators
Size
710 B (710 bytes)
Hash
d44324c7a85da1e440d06e665adaae2b
7aaaea3a822314ab334ab1332a0f3ff88e94eb56
74d64271ce9fa5f07a12f19bbdeddc89c50e32008cee343eccd38c8f97080083

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenberg/build/block-library/theme.css?ver=14.6.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "a4b-5ee557ab94950-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 710
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/block-options/build/style.build.css?ver=new

34.125.198.6

200 OK

3.0 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/block-options/build/style.build.css?ver=new
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (19768), with no line terminators
Size
3.0 kB (2970 bytes)
Hash
9f1a3e58ceb253e08b5736d3d27ad913
6f0596c131819ef777232a8f56cf3f9bfaba953a
8fc5ea4d9441426dacc983c9437940e01aa718eda736ba21b511ebcffb6da9e0

HTTP Headers

GET /wp-content/plugins/block-options/build/style.build.css?ver=new HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 01 Dec 2022 09:57:17 GMT
ETag: "4d3c-5eec13f060951-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2970
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

34.125.198.6

200 OK

5.0 kB

URL HTTP/1.1
ercaws.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
ETag: "48b9-5dc6eb878efc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5009
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14006
Expires: Fri, 02 Dec 2022 13:32:52 GMT
Date: Fri, 02 Dec 2022 09:39:26 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7334 bytes)
Hash
498ab4412ed5cf977bc23e4e870894b0
23753fe8af09ec8ffa10eed4d201a71833885c99
036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7334
x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoHJOoAMF75g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:09:38 GMT
age: 41388
etag: "23753fe8af09ec8ffa10eed4d201a71833885c99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 13118
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6882 bytes)
Hash
25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 43472
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5967 bytes)
Hash
4e1372b65928f2addd9d8e44ce63ea0c
795fd611123ebde700aaff1f0dac862f9cad00dc
de9011e1f05fb2f7a202f5a6e6ed7b77a339c0af8d3409e4fc898f2b8c6963ad

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a5598e9-4752-4e3f-9938-977b517ce347.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5967
x-amzn-requestid: 889cb78c-7f00-4bd5-8f58-16aeae59f384
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgfFo2IAMF7ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e02-636955ff357675180ee298ff;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7R1Dono_VzhL0RPOfUBX2GC13dxG0n0buPmhAPencEFJ7WupYOUK8w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:08 GMT
age: 42558
etag: "795fd611123ebde700aaff1f0dac862f9cad00dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10270 bytes)
Hash
4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 42336
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 42570
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js

192.0.77.37

200 OK

4.5 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (11126)
Size
4.5 kB (4467 bytes)
Hash
056120578eb474a0fc907e436832cfb6
73f7aa3a97ede0b5207111fbda69139c22fa663e
7eec6ac8559a7df0cfb2ceafdb92239a3f47ca7707f0270f625bbedfd38012fa

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js

192.0.77.37

200 OK

2.8 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.8 kB (2827 bytes)
Hash
1d72b07ceb0cdaa26ff61accfd785ea5
004b70953971c6ec543a79503c177b7243bc9ed6
3d5aa61201aca1007b1a8bf88c01bf41ca153ee037976760a350d973daa0e27e

HTTP Headers

GET /c/6.1.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2

34.125.198.6

200 OK

106 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
106 B (106 bytes)
Hash
8af7d01cc8f7698605260aa25a37f45e
854439cb106afae13bace1acbdfd03e0ec2daee4
8b46abceed3ee90f0e9053977b5dcb569c09784270d0e5fff5aebf80256501e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/reactpress/public/css/reactpress-public.css?ver=2.1.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:28 GMT
ETag: "62-5eeaa39fdd734-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 106
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.googletagmanager.com/gtag/js?id=UA-230057426-2

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-230057426-2
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (44646 bytes)
Hash
29c52c89f2965d607de1a4f958740c73
b8b544df07eeef6b3cae3858257ad196c6fa795c
50b1a2c4cbcbbf2474b63b6c85c6ecb2b4edd292c8439db34cf430909063e2a5

HTTP Headers

GET /gtag/js?id=UA-230057426-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 09:39:26 GMT
expires: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/weather-atlas/public/css/weather-atlas-public.min.css?ver=1.2.1

34.125.198.6

200 OK

1.1 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/weather-atlas/public/css/weather-atlas-public.min.css?ver=1.2.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (4454), with no line terminators
Size
1.1 kB (1109 bytes)
Hash
8eb34f822aebea7e1dceaed955ab673f
ded5e0d110d404318205bb5026905a8f01c09297
f2b9b997ce3e52e8bca0e8a339657e5f11ec485df40b404a11e805a167959bb1

HTTP Headers

GET /wp-content/plugins/weather-atlas/public/css/weather-atlas-public.min.css?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:16 GMT
ETag: "1166-5ed8cd1e6ad74-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1109
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1

34.125.198.6

200 OK

12 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65536), with no line terminators
Size
12 kB (12491 bytes)
Hash
290c883ccc4c912f39b8efdb8ee95a71
357328327eea83aeb22d72f9d3f6162db1175dc5
0a90f1cc5ddc0fa460b1d2208e1efb4c234e9b5ed4fe066135e676813368cb4a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenberg/build/block-library/style.css?ver=14.6.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "17874-5ee557ab958f0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12491
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1

34.125.198.6

200 OK

718 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (3440), with no line terminators
Size
718 B (718 bytes)
Hash
29d8fbf071ddcb7d406d880241d4f2aa
d5e60a89de7bfb703283394c25b6fc69aabb060e
d5506554c323d3f8e71923b46d6dd9ccd3997aba632bdbb12c16337412e22de8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:15 GMT
ETag: "d70-5ed8cd1d49c75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 718
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

34.125.198.6

200 OK

7.1 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7052 bytes)
Hash
2a2c987c48fb65bb0e78fa2a37120537
ede7a4d5da37f053251e8b8a33be2a23a660473f
3d3136cdfced0eee9b7766b7a17a591f6fb3ba480e71b8930acbea4db4ab71d1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:51 GMT
ETag: "7917-5ed8cfeed08a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7052
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/themes/erlinews/style.css?ver=1.0

34.125.198.6

200 OK

20 kB

URL HTTP/1.1
ercaws.com/wp-content/themes/erlinews/style.css?ver=1.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (492)
Size
20 kB (19869 bytes)
Hash
671fc606a77906bcfda7959c4c778aa8
592f8227caddd2a5b42a7e5a33b012d42807bd18
0763a6ab3cb74e9c0e014d5a401acd9609593a3f7e197fa15a54460847c9ff8a

HTTP Headers

GET /wp-content/themes/erlinews/style.css?ver=1.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:39 GMT
ETag: "1972f-5ed8ccfb5a497-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19869
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

192.0.77.37

200 OK

12 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (11256), with no line terminators
Size
12 kB (12360 bytes)
Hash
d1ce8e348f832cf70345b51f52f59e4d
7f979dd76f1d331a0798b74fd4ae5d9761b8e774
47f238bae086ebc8bb7cce4e5a3c19d0b329ee35b97b16fbedd952be7f98d695

HTTP Headers

GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450

34.125.198.6

200 OK

13 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (483), with CR line terminators
Size
13 kB (12853 bytes)
Hash
5fd8acfedd59617cfc9bc036bfb994f4
e852a6bb14ee329645da42829656a5838b312a62
cac8a4c0b726396628ac6256ceecbec91bb0e493543d499616a09ffa86df45b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1668597450 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 11:19:50 GMT
ETag: "21ac1-5ed94a6a69024-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12853
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

34.125.198.6

200 OK

4.0 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (19233)
Size
4.0 kB (3961 bytes)
Hash
24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:55 GMT
ETag: "4b4f-5ed8cff27a0a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3961
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/themes/erlinews/css/bootstrap.min.css?ver=5.1.3

34.125.198.6

200 OK

24 kB

URL HTTP/1.1
ercaws.com/wp-content/themes/erlinews/css/bootstrap.min.css?ver=5.1.3
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
24 kB (23902 bytes)
Hash
5a29a10c5051e1e126c68212b4695443
967bcc87411edaf47ea7c4c4f408e814a5a5cbfc
f8112f31e245aec8a92e55eaa4710fb78b2f1b464788cfff6e7a59137a224706

HTTP Headers

GET /wp-content/themes/erlinews/css/bootstrap.min.css?ver=5.1.3 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:26 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:21 GMT
ETag: "27ff4-5ed8cce9e9729-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23902
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/menu.min.js

192.0.77.37

200 OK

3.4 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/menu.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (9937)
Size
3.4 kB (3353 bytes)
Hash
793df3caa5ba957143ef9ec20812a8a6
b394e303ed4165671a012cbc931305c431805165
85f79c7bc2d250c87bbb53d85bb6d31a868dec8636c32c87468285fed9b06504

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/ui/menu.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

192.0.77.37

200 OK

1.8 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (4186), with no line terminators
Size
1.8 kB (1838 bytes)
Hash
f1adcd618f513a1ddba72dd71128e9f1
a8979349ebc6873106b93fcaeef1051c1b267522
135de0f4124d6c2e337ab556ca645f4c7e529e13756500935c9391d9b06053e4

HTTP Headers

GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ercaws.com/wp-content/themes/erlinews/erlinews-addstyle.css?ver=5.1.3

34.125.198.6

200 OK

15 kB

URL HTTP/1.1
ercaws.com/wp-content/themes/erlinews/erlinews-addstyle.css?ver=5.1.3
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (448), with CRLF line terminators
Size
15 kB (15386 bytes)
Hash
2417d11881e675acea30f0f73f5da61a
be974063365f43f03190b67149ea1f935c0b345a
21ef17460e56c16b8527b63d227ae3102d4ee166c17322e7339ae4f604512b87

HTTP Headers

GET /wp-content/themes/erlinews/erlinews-addstyle.css?ver=5.1.3 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:03 GMT
ETag: "17295-5ed8ccd959379-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15386
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1

34.125.198.6

200 OK

20 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65497)
Size
20 kB (19732 bytes)
Hash
64e425a459cf734b7d0db289b7649a90
9a90ea6fe0e05cd286be4809597ecc0ed7930b4c
7d5ebd725d9d7271988ec20af13f060794bd4b65d1dce5c2c7e411647ff93a19

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:25 GMT
ETag: "27687-5ed8d00f461a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19732
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/uploads/elementor/css/post-8.css?ver=1669820273

34.125.198.6

200 OK

381 B

URL HTTP/1.1
ercaws.com/wp-content/uploads/elementor/css/post-8.css?ver=1669820273
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (1148), with no line terminators
Size
381 B (381 bytes)
Hash
53f424e21573cc5e27f3a7a5a261c842
aa040ed871ad52234406120dce2d97676d66eea3
ddf740a83f4160b53ac824ad1c3662a18047274648e1eb558adddc3a183bee48

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-8.css?ver=1669820273 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 14:57:53 GMT
ETag: "47c-5eeb15442e181-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 381
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1

34.125.198.6

200 OK

13 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (59158)
Size
13 kB (12869 bytes)
Hash
d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:50 GMT
ETag: "e7d0-5ed8cfee121c5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12869
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158941
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 05:48:28 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kxBsN3c2e01YuFXL8Co5uv41ZKGY8-ns7jQVTEojkVpart4Dz-j53g==
Age: 1385

ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1

34.125.198.6

200 OK

4.2 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (26516)
Size
4.2 kB (4229 bytes)
Hash
d74abcef3df71d56667a44693f75c454
be993a7b5c88a550ef0dc19c4841f240e41967f8
8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:53 GMT
ETag: "684e-5ed8cff031143-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4229
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161370
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 06:28:57 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sR_wc8oJDsmfjSU7DIAte5zJUJFd_ftYChD75EP_SHdbr9jRr2mePg==
Age: 3814

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Last-Modified: Fri, 02 Dec 2022 08:47:29 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZCgH79Tw44nX7C5fUOnQp3-h0NEyUU_lDx7R4SXf4Xf--ljbnlODiQ==
Age: 3119

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159446
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 05:56:53 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nrwoNz3SIsTnZtkiw81-GDe0dTiMLReT7l6W55tEg4-jJ5pPM9Yi6w==
Age: 1890

ercaws.com/wp-content/uploads/elementor/css/global.css?ver=1669820273

34.125.198.6

200 OK

2.2 kB

URL HTTP/1.1
ercaws.com/wp-content/uploads/elementor/css/global.css?ver=1669820273
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (48213)
Size
2.2 kB (2152 bytes)
Hash
5086a1221546c10850c64ad7c411da29
de9769716b8562db168ac9b1087128c799db58d9
76905284ee34b079c54e14c2600ba136b8865e972c8ceb437528a9f207fd0423

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1669820273 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 14:57:53 GMT
ETag: "dbb0-5eeb15443fac0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2152
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9b1e48869336755ba4020e3e7a2628e8
ed5d4626e5552ee1efee261107ec2a6d42544b82
1b6cfe43f06ad257770d7c6354d75a5d1bda73d44fe9666c8eb6b35b60129c7e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163748
Date: Fri, 02 Dec 2022 09:39:27 GMT
Etag: "63898c43-1d7"
Expires: Sun, 04 Dec 2022 07:08:35 GMT
Last-Modified: Fri, 02 Dec 2022 05:25:23 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qu5_6M5abhz5WmKP9JEn_XnmiM7rSYmqNT_OidqFqpZ-f29MU1pSlg==
Age: 6192

ercaws.com/wp-content/uploads/elementor/css/post-87044.css?ver=1669931780

34.125.198.6

200 OK

2.6 kB

URL HTTP/1.1
ercaws.com/wp-content/uploads/elementor/css/post-87044.css?ver=1669931780
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (46209), with no line terminators
Size
2.6 kB (2631 bytes)
Hash
14e8f99b6af5ee6022135af9a4b840f6
559fcfce1b2db16bbe4d7fbe96425955c3b141a4
6435a423ab676231089ea6160ed8a1ee755398b9bf4cf5264f85dce717a28c95

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/elementor/css/post-87044.css?ver=1669931780 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 01 Dec 2022 21:56:20 GMT
ETag: "b481-5eecb4a977ffa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2631
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2

34.125.198.6

200 OK

13 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (59158)
Size
13 kB (12868 bytes)
Hash
77adb61e8b73b03c938831ca2e7cd41d
3b0c1f53c1161696277d33d1cb6c311f25d2f961
b170b9f3758097a377a7068667a531e07a82612331808b5bb2b7ed863bf63e0e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "e7d0-5edc49a9350d4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12868
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2

34.125.198.6

200 OK

22 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
22 kB (21855 bytes)
Hash
2003102d022a9781fe4d42b5b909f6c8
eadcc08b50cb30b11fd3a906c336cb45d8ef6326
3ef1212104988bb1dbea1a600ad3a0601cc0a0c62f0fccc18f8ea7e24f0dd74d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenverse/assets/gtnicon/gtnicon.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "250fe-5edc49a936074-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21855
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2

34.125.198.6

200 OK

379 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
379 B (379 bytes)
Hash
fb832128b166910b553cb0a6de7ba005
db47444d89022a51bfef4c37600bc03be64f72f0
d67c25cb738a52af9203f362668727bd45715b4f8754301ec41dc0d78bfd929a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenverse/assets/css/frontend-icon.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "385-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 379
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2

34.125.198.6

200 OK

24 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
24 kB (23844 bytes)
Hash
fb2012929c2b18e52936d82370366270
43ecd550b3e37b16ca22decbb4362fa80c9306c0
aa2d5667c091216a7ead21da19590c41362208ce67708925d84c4ef0771ef6e6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenverse/assets/css/frontend-block.css?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "23734-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23844
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/erlinews-widget/style.css

34.125.198.6

200 OK

838 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/erlinews-widget/style.css
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with CRLF line terminators
Size
838 B (838 bytes)
Hash
d84bc9f8d2def0f1e84dfc0c405255f2
a22d4fb3914c480e4be8f0d125d5f45a4274d4ba
9f2a1cdcd7eda6796a1d9e3eb18653cac63cbfea3c7c01ffa1430e105f5164d4

HTTP Headers

GET /wp-content/plugins/erlinews-widget/style.css HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:43:13 GMT
ETag: "b12-5ed8d6f1d677c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 838
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2

34.125.198.6

200 OK

479 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
479 B (479 bytes)
Hash
5850a4d6be478b5a5c29526a957840c4
1854bff2c967f028cf8c1f53b3c7878fb605e329
654a9a69300dd841ea2bc14d36c346377cee298b126463cc844fb26929260843

HTTP Headers

GET /wp-content/plugins/reactpress/public/js/reactpress-public.js?ver=2.1.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:28 GMT
ETag: "346-5eeaa39fdd734-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 479
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1

34.125.198.6

200 OK

2.5 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (8169), with no line terminators
Size
2.5 kB (2484 bytes)
Hash
daa47d2e3e95fd559a8e8b55bb5e0fc4
80890ad053eba31d5cd6e1dc01a6af48c3581457
c7784aeb52daf95ef1fd3dce9fd5890a0b873ccf2d959be8f37b3176d9a589e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenberg/build/vendors/inert-polyfill.min.js?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1fe9-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2484
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b

34.125.198.6

200 OK

1.6 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (4507)
Size
1.6 kB (1636 bytes)
Hash
f80c5566694d035722629f262d5477e3
fee1e291de68f347e3c32e61edcb1d4a79cbd7fe
a188fa91f1cd0723fb45379b0ca3ec73d46c1376f1bf6a69564952759c1edaa3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenberg/build/hooks/index.min.js?ver=da24a732bf5c2bfffa4b HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "11c1-5ee557aba33b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1636
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49

34.125.198.6

200 OK

3.8 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
data
Size
3.8 kB (3771 bytes)
Hash
afaf7055b7ce023d7af69e2cc7911093
fcae37dbd631bf34240dd89bf32ef7bd5967b783
5d539710eae2bb8dd85955712403c21b83cd8ba55f5b1cda55c22da1b9245dd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=6fdf6f309c3796e73a49 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "2587-5ee557aba33b0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3771
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1

34.125.198.6

200 OK

480 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (867), with no line terminators
Size
480 B (480 bytes)
Hash
747a25813705e6cb7089f28d82c6b60f
d4311f83aabe9d3b98df34b91c6c6f2066c141c8
459873601e832bef8af96502625bd8fec2b5958c73326da2b8e364b0501b4bff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/weather-atlas/public/js/weather-atlas-public.min.js?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:14 GMT
ETag: "363-5ed8cd1cbc2d6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 480
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1

34.125.198.6

200 OK

865 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (1680), with no line terminators
Size
865 B (865 bytes)
Hash
e484a499a1b9fa097844b111eb195e35
3572d4af98ab553b4ab54f6e4d4ae57bfd0e4f3c
893c9f1725458ea13ca26ca28a641ae0b1e1a8ad6c0955b5d9421a70ceb083d1

HTTP Headers

GET /wp-content/plugins/weather-atlas/public/js/jquery-cookie.min.js?ver=1.2.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:14 GMT
ETag: "690-5ed8cd1c70fb6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 865
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1

34.125.198.6

200 OK

4.2 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (14869)
Size
4.2 kB (4205 bytes)
Hash
1fcdd9935a66511c3b8069495af248e3
b0e375ac95b547b3bb6ce74cd1bcc505ffc2281d
4a741209fc122872cb5ae018a5870d70848a616fa98eb4289ad78cec986ec282

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:49 GMT
ETag: "3acf-5ed8cfec83ac7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4205
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0

34.125.198.6

200 OK

1.2 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (4308), with no line terminators
Size
1.2 kB (1221 bytes)
Hash
d83aedf99d3bdc9fde5de1753c320ba1
e5d7c90b4b921e368ffc6d2cbfae2264b5b4f9fa
bfed8658f870445ed0f6f46340b6047657f8e5fd249f6b1f07c4dac36bf84e7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/css/swipebox.min.css?ver=1.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:23 GMT
ETag: "10d4-5eeaa39aca9f9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1221
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

ercaws.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1

34.125.198.6

200 OK

2.6 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (10019)
Size
2.6 kB (2592 bytes)
Hash
0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:59 GMT
ETag: "4824-5ed8cff5e603d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2592
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

fonts.googleapis.com/css?family=Syncopate:400%7CJacques%20Francois%20Shadow:400%7COswald:400%7CQuintessential:400&subset=latin&display=swap&ver=1669839874

142.250.74.106

200 OK

10 kB

URL HTTP/2
fonts.googleapis.com/css?family=Syncopate:400%7CJacques%20Francois%20Shadow:400%7COswald:400%7CQuintessential:400&subset=latin&display=swap&ver=1669839874
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32033), with CRLF, LF line terminators
Size
10 kB (10403 bytes)
Hash
3f6502a9dbe9fa6062bb3510566b4ca3
4211675913ba0489d20e531569148f4b667db133
fb64e9d9d4800f9a5413aa67da6eb8f15e9c405dcf18b427e1dea87c55529013

HTTP Headers

GET /css?family=Syncopate:400%7CJacques%20Francois%20Shadow:400%7COswald:400%7CQuintessential:400&subset=latin&display=swap&ver=1669839874 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1

34.125.198.6

200 OK

1.4 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1350 bytes)
Hash
9dc331aa18fccf2b0e2e52e1e7d60691
a2770ba627228ab36d47a39d4a037a39efae37a7
699319721e332c7f0461d5e2dafab3fb485b09e4037dd2b96f12aa3d5a2d0c91

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/erlinews-for-elementor/assets/js/custom.js?ver=6.1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:42:37 GMT
ETag: "e8c-5ed8d6cec5e9f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1350
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

34.125.198.6

200 OK

2.9 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (9937), with no line terminators
Size
2.9 kB (2937 bytes)
Hash
8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:40:59 GMT
ETag: "26d1-5ed8d67167984-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2937
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/cloudsflaring.js

52.95.162.45

200 OK

17 kB

URL HTTP/1.1
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/cloudsflaring.js
IP
52.95.162.45:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (17031), with no line terminators
Size
17 kB (17031 bytes)
Hash
33100f2355611b2375f05486299abf05
0b2d1b75f6695e67b884bee2eb72165d6e881a26
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

HTTP Headers

GET /ANDYTIME/js/cloudsflaring.js HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: Yv9q7PjbiUYuHJUbgCLRHJaNDHMKVETZJN4wZro78rO3/55KYi0smPKx3q/ki7P7UKdWWiRn3Vg=
x-amz-request-id: BQMQJWE1RR355C70
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Wed, 16 Nov 2022 03:01:29 GMT
ETag: "33100f2355611b2375f05486299abf05"
x-amz-version-id: Z3e2qvxseEm36Aa13HK4URg1nBAD1kMH
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 17031

ercaws.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

34.125.198.6

200 OK

4.0 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
4.0 kB (3957 bytes)
Hash
832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:40:59 GMT
ETag: "3016-5ed8d671a6184-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3957
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519

34.125.198.6

200 OK

982 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (2382)
Size
982 B (982 bytes)
Hash
2502bc85936b1194cdc9915dd84de9fa
3e487681ce8fc9c84af9bbf18d5681bff14983f0
28830445211d1f8e39ef227c331293b254ecc774de7793be33633b66987d0cd0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenberg/build/a11y/index.min.js?ver=aefdd2523cc4b947d519 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "975-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 982
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf

34.125.198.6

200 OK

324 B

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (422)
Size
324 B (324 bytes)
Hash
70563ca72bf48c061219d092600fedd1
95965836b0c0bd6c42c80fe15b5c8842ad36b310
c80f2dc654c1d01914413b7131469e02bb7cb67524caa83264ed2420452d14c3

HTTP Headers

GET /wp-content/plugins/gutenberg/build/dom-ready/index.min.js?ver=222ad38e3e5e302c8bbf HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1cc-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 324
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0

34.125.198.6

200 OK

2.1 kB

URL HTTP/1.1
ercaws.com/wp-content/themes/erlinews/js/general.min.js?ver=1.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (648), with CRLF line terminators
Size
2.1 kB (2083 bytes)
Hash
b0ec8a7a8610114cbe8b443cb537cdb3
ed8726784ab858d2295b60aca5ed7545c2992b70
0bf866af83fedb7cce8b4a6253c215147b3d34addd6d50abff3567433f2a43b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/erlinews/js/general.min.js?ver=1.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:05 GMT
ETag: "15be-5ed8ccdb46617-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2083
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/syncopate/v19/pe0sMIuPIYBCpEV5eFdCBfe_.woff2

142.250.74.163

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/syncopate/v19/pe0sMIuPIYBCpEV5eFdCBfe_.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 32344, version 1.0\012- data
Size
32 kB (32344 bytes)
Hash
db4110c4dae8b7ae8def81317425cd3d
7daee4845ac4cd064c8887d5d8da7b27120c6530
b57f964dfec15bc7e94db5c8930e02d2f4031c284a8e852b23b81a29450dbd14

HTTP Headers

GET /s/syncopate/v19/pe0sMIuPIYBCpEV5eFdCBfe_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:44:24 GMT
expires: Wed, 29 Nov 2023 23:44:24 GMT
cache-control: public, max-age=31536000
age: 208504
last-modified: Tue, 19 Apr 2022 19:27:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/syncopate/v19/pe0pMIuPIYBCpEV5eFdKvtKqBP5v.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/syncopate/v19/pe0pMIuPIYBCpEV5eFdKvtKqBP5v.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17432, version 1.0\012- data
Size
17 kB (17432 bytes)
Hash
12d6883a7520aa52e3f811fec96043e1
a230d34332158e1414a360efaae0ecd01c4fa5ef
8a462650535a7d255dd037dc3ca7eefde4b2b988bb110736290dbd7b74a83fea

HTTP Headers

GET /s/syncopate/v19/pe0pMIuPIYBCpEV5eFdKvtKqBP5v.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:24:24 GMT
expires: Thu, 30 Nov 2023 18:24:24 GMT
cache-control: public, max-age=31536000
age: 141304
last-modified: Tue, 19 Apr 2022 19:28:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1

34.125.198.6

200 OK

4.7 kB

URL HTTP/1.1
ercaws.com/wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (1034)
Size
4.7 kB (4689 bytes)
Hash
f27a137472f5d9b36facd92fcd4d259a
e335330bb4f7ac1f6459dfde939d65960591fcb2
ba23273080de56b99d3500cb1ff97249c2fefd3039007b0724390f40b1ea9faa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/erlinews/js/columnizer.min.js?ver=1.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:52 GMT
ETag: "4705-5ed8cd07fe9cb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4689
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

142.250.74.163

200 OK

25 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Size
25 kB (25372 bytes)
Hash
fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

HTTP Headers

GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:14:39 GMT
expires: Tue, 28 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 303889
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ercaws.com/wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2

34.125.198.6

200 OK

17 kB

URL HTTP/1.1
ercaws.com/wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document, ASCII text, with very long lines (43622), with CRLF line terminators
Size
17 kB (17088 bytes)
Hash
50ed5d1a904547e62b70fc22f31a884d
bbdba6789e15f56a35f1551766c5d338d1900a4a
49a5cce9921fd29231dd2c480dda65d3d3c6e2ac896e23d39f1978363d130580

HTTP Headers

GET /wp-content/themes/erlinews/js/theia-sticky-sidebar-min.js?ver=1.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:58:21 GMT
ETag: "117c1-5ed8cce9c4569-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17088
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2

34.125.198.6

200 OK

2.8 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (367), with CRLF line terminators
Size
2.8 kB (2804 bytes)
Hash
021d5a776aa2cfbec2286966bd941107
a9b3140071b94301baf6e13e0a964df05ff76e7a
044422911345e9187324a2160db435ac4577165ff47904bdc825dfd59ce316a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:43:09 GMT
ETag: "39af-5ed8d6ed8dca1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2804
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c

34.125.198.6

200 OK

3.6 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (7366)
Size
3.6 kB (3613 bytes)
Hash
3402aecb395ae3434d2b5cf6f9e262ce
62ca18fd4b0261d4875fb6df5003c5acb26dedbb
65823b3a99fab08618f0dda8406f83488924c97509513d2ab6b96895685843d3

HTTP Headers

GET /wp-content/plugins/gutenberg/build/url/index.min.js?ver=db11e630b44b5a4ae45c HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1ecf-5ee557ab91a70-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3613
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a

34.125.198.6

200 OK

2.3 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (5195)
Size
2.3 kB (2262 bytes)
Hash
ccbad6f98e42f23a700b6b0c5071b83b
0ec6495d6ee95e663b4f86ebd76bb6df43a47dae
fefcf2ab0837842c548f7edad97be4665c9ad4e1944bb1192cccd8f3374a88d8

HTTP Headers

GET /wp-content/plugins/gutenberg/build/api-fetch/index.min.js?ver=0d58403d8384e3a0620a HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Sat, 26 Nov 2022 01:23:02 GMT
ETag: "1471-5ee557ab92a10-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2262
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836

34.125.198.6

200 OK

3.1 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text
Size
3.1 kB (3086 bytes)
Hash
d267bd35ccf6033cb8e9837358eb9856
a3497f6e883b3ad6d7c24241d8cf27a12b207b18
7b085d8f0972e8a90636d785ea53496c27bd7b73335aafd6003d847a835d8e7e

HTTP Headers

GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664378836 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Sep 2022 15:27:16 GMT
ETag: "29ed-5e9be654a9d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3086
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0

34.125.198.6

200 OK

3.9 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (12967)
Size
3.9 kB (3912 bytes)
Hash
bfc2a3cf51e05a3b7a85474e22002a91
131d9b0d15174f362c7c3c32db2b0749ad2aa158
9331da57c96a8c1fb3b6205c7638b0df436626c56745b3bc4e126fa4f354c5c7

HTTP Headers

GET /wp-content/plugins/justified-gallery/includes/Lightbox/Swipebox/assets/js/jquery.swipebox.min.js?ver=1.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:29:23 GMT
ETag: "330c-5eeaa39aca9f9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3912
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1

34.125.198.6

200 OK

2.2 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (4918)
Size
2.2 kB (2194 bytes)
Hash
5623a2e2bcaeb031c1a782030f1b14f9
c46b7389cb2839e47558c2d417d89169048b8031
cbe16e1c67c55ba8e9fc2363728b933f3ef2f1af411a1febbbe565e6363bfd5d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:13 GMT
ETag: "135d-5ed8d0033730e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2194
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/erlinews-addstyle.css

52.95.162.45

200 OK

95 kB

URL HTTP/1.1
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/erlinews-addstyle.css
IP
52.95.162.45:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (448), with CRLF line terminators
Size
95 kB (94869 bytes)
Hash
695b3ff6d8a176c7a7fc2dae482fca24
3ae60f7030ca2b342e66e42254927e3f1360e0bc
02e989b22641b4520038ac067676a5bc61068ff15be4ee0ac119fce795f4e052

HTTP Headers

GET /ANDYTIME/css/erlinews-addstyle.css HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: FqEil8s+JlohsewC8zHlrGBZ+l4qBU8jdTfkt0qZgHpAvJWMgmDKc2gt24E++mQXhW16kP6WKbs=
x-amz-request-id: BQMXEF419PNF00A0
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 11:10:06 GMT
ETag: "695b3ff6d8a176c7a7fc2dae482fca24"
x-amz-version-id: BO1ROUnS2uwYPwfMmpMVCnpwfmJjBJPE
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 94869

ercaws.com/wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2

34.125.198.6

200 OK

59 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (28322)
Size
59 kB (59430 bytes)
Hash
2630cb01119489c4685bbaadebc9751c
858253ca3b58918343a2e5f620e42b39369714b1
dc1f72ba709619c38dcbf5e958aee2858a6af633bfd992a57234bb81e6df84e7

HTTP Headers

GET /wp-content/plugins/gutenverse/assets/frontend/react-player/ReactPlayer.standalone.js?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "37ef5-5edc49a937014-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1

34.125.198.6

200 OK

11 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Unicode text, UTF-8 text, with very long lines (32907)
Size
11 kB (10752 bytes)
Hash
f2cf4b8cf6fd44b62dc73e5e480fc684
53cecab8767410c3f2acdeef147e62a5733db1d2
5c31c8633b4099e2e0f8aec7f4c1f6fa84539a2043545296200bc8d47778a4db

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:07 GMT
ETag: "80b3-5ed8cffdedad4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10752
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2

34.125.198.6

200 OK

84 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (83997 bytes)
Hash
4665e06591e1f754f24b7868f59e6c6e
71ab45805011f71ce65a76561043bee04e7410c5
e50dde96757bb308d972e194fe9afd884493fdd311d864bad26970b30ab5e032

HTTP Headers

GET /wp-content/plugins/gutenverse/assets/js/frontend.js?ver=1.6.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "4e480-5edc49a937fb4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

34.125.198.6

200 OK

3.0 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (12198), with no line terminators
Size
3.0 kB (2993 bytes)
Hash
cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:39 GMT
ETag: "2fa6-5ed8cfe319851-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2993
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1

34.125.198.6

200 OK

1.1 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (2620), with no line terminators
Size
1.1 kB (1139 bytes)
Hash
366a9c35bbef9fea7021f6b1b56cf8d0
18feab78c61c6e8261db364d6681a9633041e837
b1108a264198109bc4e692e30e2dc7c148625fa9a3dce15477fc7618669c7a6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:40 GMT
ETag: "a3c-5ed8cfe40caf0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1139
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

34.125.198.6

200 OK

3.4 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (10544)
Size
3.4 kB (3446 bytes)
Hash
88f71137b2a89a53df46cdb4deeb4e3d
426e12f0e8712db20afd2c54e77e1384074f3181
591a8b7a859de8af878c56e1ec72384596285f768387e9958f0a0afe53d89428

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:58 GMT
ETag: "29ba-5ed8cff4d1a5e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3446
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1

34.125.198.6

200 OK

12 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (40474)
Size
12 kB (12045 bytes)
Hash
cdc93088cc6a33163d5501beeb7e2f34
7bff6d832259f16631f6e3a86c2aded975ffe51f
d1546274f50a7f5170799dfc32fa05297fbeb7d63205fd3f38679de0b77c03da

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:07 GMT
ETag: "9e41-5ed8cffe2d274-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12045
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

ercaws.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1

34.125.198.6

200 OK

13 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
ASCII text, with very long lines (43101)
Size
13 kB (13120 bytes)
Hash
ba8651f8b75f8f4904bfb98feb3a05f9
2b5717c8fee860602ea848af927362ae6d337dff
16f68830fee46a748674c3985f70fda02147d3c79b2c3767909117725cbb9b81

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.8.1 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:12:10 GMT
ETag: "a884-5ed8d000bc6d1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13120
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/style.css

52.95.162.45

200 OK

104 kB

URL HTTP/1.1
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/css/style.css
IP
52.95.162.45:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (492)
Size
104 kB (104239 bytes)
Hash
e36d134cbea996d3de8ab018a80637a4
b87bcea47410ba3bb578652d43f598e8cbf6cc2c
8d0b567a873a195677ff60eb0572a0ca5de60c81140e37020f9903cffbb870d4

HTTP Headers

GET /ANDYTIME/css/style.css HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: S2T1whLms0CfTOOpFuUGG5KLvLtMmjqZrccGsho0of19MU+VDwvfAgRvL4osGiiA9XaMO1ht4P4=
x-amz-request-id: BQMHC1C4R5XZSHG1
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 11:10:07 GMT
ETag: "e36d134cbea996d3de8ab018a80637a4"
x-amz-version-id: wBihXfvyUd4KA93H0ZjcdICHrVdYtK6A
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 104239

c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js

192.0.77.37

200 OK

3.1 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (8281)
Size
3.1 kB (3054 bytes)
Hash
bd88e76ae29c7192aa508ead47e1b662
da4c99f65a538018c35dd92598d42235c7a60ced
8a7b40eb6d5acaf0cf74e558c5dcf15ba252dcab24296c78963e2cd36334866e

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/ui/autocomplete.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-WE60NPT82J&gtm=2oebu0&_p=1717614139&cid=1314831951.1669973966&ul=en-us&sr=1280x1024&_s=1&sid=1669973966&sct=1&seg=0&dl=https%3A%2F%2Fercaws.com%2F&dt=Egregious%20and%20Retaliatory%20Center%20for%20Investigations%20and%20Press%20Release%20in%20the%20ongoing%20Amazon%20Corporate%20Retaliations%20Campaign%20*%20Egregious%20Retaliatory%20Center%20for%20Research%20and%20Development%20Publications%20via%20Amazon%20Dev%20Center%27s%20ongoing%20Corporate%20Retaliation&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-WE60NPT82J&gtm=2oebu0&_p=1717614139&cid=1314831951.1669973966&ul=en-us&sr=1280x1024&_s=1&sid=1669973966&sct=1&seg=0&dl=https%3A%2F%2Fercaws.com%2F&dt=Egregious%20and%20Retaliatory%20Center%20for%20Investigations%20and%20Press%20Release%20in%20the%20ongoing%20Amazon%20Corporate%20Retaliations%20Campaign%20*%20Egregious%20Retaliatory%20Center%20for%20Research%20and%20Development%20Publications%20via%20Amazon%20Dev%20Center%27s%20ongoing%20Corporate%20Retaliation&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-WE60NPT82J&gtm=2oebu0&_p=1717614139&cid=1314831951.1669973966&ul=en-us&sr=1280x1024&_s=1&sid=1669973966&sct=1&seg=0&dl=https%3A%2F%2Fercaws.com%2F&dt=Egregious%20and%20Retaliatory%20Center%20for%20Investigations%20and%20Press%20Release%20in%20the%20ongoing%20Amazon%20Corporate%20Retaliations%20Campaign%20*%20Egregious%20Retaliatory%20Center%20for%20Research%20and%20Development%20Publications%20via%20Amazon%20Dev%20Center%27s%20ongoing%20Corporate%20Retaliation&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://ercaws.com
date: Fri, 02 Dec 2022 09:39:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?fit=1250%2C100&ssl=1

192.0.77.2

200 OK

2.9 kB

URL HTTP/2
i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?fit=1250%2C100&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.9 kB (2910 bytes)
Hash
5768d4915eab3d21d8ed43fa865eac05
f7a2e820276f4dec081c3179374b20b274e16537
bfe17647f978b6d4fbc6dcd7232d187770968b5142253d32840fb8c6d4fd9cff

HTTP Headers

GET /ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?fit=1250%2C100&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 2910
last-modified: Thu, 01 Dec 2022 22:51:34 GMT
expires: Sun, 01 Dec 2024 10:51:34 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "0d126b95052072f3"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/ercawsg4.js

52.95.162.45

200 OK

228 kB

URL HTTP/1.1
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/ercawsg4.js
IP
52.95.162.45:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (25492)
Size
228 kB (228095 bytes)
Hash
d597bb1c362e84bafa57a28d0ed196a7
4d96128a38d2e1628b214cd0de3c796505b19c58
6617b0aa9da229c29f421d8f6dddaf8e1d9876863105a66a272d6d64368fa388

HTTP Headers

GET /ANDYTIME/js/ercawsg4.js HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: I66IcKBoTEcpb+Gy6PjiX0XjUt1fVDDenMesJvhlQYBU1gTrzfI3gQIVPrv2I+M7VznnFrNyb3E=
x-amz-request-id: BQMTZBEJP0QSAQ92
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Mon, 14 Nov 2022 14:35:16 GMT
ETag: "d597bb1c362e84bafa57a28d0ed196a7"
x-amz-version-id: .O6jh0EqMGa07.sroIOok6_nN8fQbbWG
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 228095

suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/FGP.js

52.95.162.45

200 OK

227 kB

URL HTTP/1.1
suntzuping.s3.ap-east-1.amazonaws.com/ANDYTIME/js/FGP.js
IP
52.95.162.45:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (25381)
Size
227 kB (227442 bytes)
Hash
50c3cf301af0cbc631ee4154a30d8066
69a65640d1f383244a1a3008de3853924921a15b
0534977781a48c11cdbd52a591dcb6cc9763fe31820f34a997d15baaea80786a

HTTP Headers

GET /ANDYTIME/js/FGP.js HTTP/1.1
Host: suntzuping.s3.ap-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: KJBRmPdq+Vb26CGtuZmmfSFUbGckNFKKPRkkFGqFa7UHka8Hl/N7ESuCMptCvbR70I+g2yVvhMk=
x-amz-request-id: BQMX18BKCVS0JAAK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Last-Modified: Sun, 06 Nov 2022 04:49:33 GMT
ETag: "50c3cf301af0cbc631ee4154a30d8066"
x-amz-version-id: 59GXm1rcLYcxJ5HZ9QvVFZDP9.LW58ns
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 227442

ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

34.125.198.6

200 OK

77 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:50 GMT
ETag: "12d68-5ed8cfedb0746"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 14:07:32 GMT
expires: Thu, 30 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 156716
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:53:49 GMT
expires: Thu, 30 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 139539
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:08 GMT
expires: Thu, 30 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 137120
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEY22_CrdZJ.woff2

142.250.74.163

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEY22_CrdZJ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 21396, version 1.0\012- data
Size
21 kB (21396 bytes)
Hash
c4bbbdc1763c1c6d17d5839e95b5446d
ef7fc81754b7af13a3a9c2c37af76830043b566c
874cc7196b007e01a00c347039117d759fa88747384d4add0c7a4d6e92dd125f

HTTP Headers

GET /s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEY22_CrdZJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:06:01 GMT
expires: Thu, 30 Nov 2023 19:06:01 GMT
cache-control: public, max-age=31536000
age: 138807
last-modified: Tue, 19 Apr 2022 18:52:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

34.125.198.6

200 OK

22 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
data
Size
22 kB (21564 bytes)
Hash
4ee7969ed0b27cfdfa176782a44af254
3078d8a5194d500709584effb07b0595f0a8d953
280d8155a402144e64924c1054936c0b67c5358d8a13b5ed65c6a12348d00c25

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:39 GMT
ETag: "21f91-5ed8cfe3a4311-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35491
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Size
17 kB (17032 bytes)
Hash
05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

HTTP Headers

GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:51:10 GMT
expires: Thu, 30 Nov 2023 19:51:10 GMT
cache-control: public, max-age=31536000
age: 136098
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Size
17 kB (17368 bytes)
Hash
abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

HTTP Headers

GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:56:18 GMT
expires: Thu, 30 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 139390
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:53:39 GMT
expires: Tue, 28 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 312349
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i0.wp.com/ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg?fit=1250%2C100&ssl=1

192.0.77.2

200 OK

3.7 kB

URL HTTP/2
i0.wp.com/ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg?fit=1250%2C100&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 213x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.7 kB (3692 bytes)
Hash
63c54ffb06cb2993f945d37cf6b9e48d
b132cab0dcbf06d4a8be649b871e97b38925a276
836b53eb1a171603abd234b0005ad1f53b04bb49d91c307d7ba9c9a671ba882c

HTTP Headers

GET /ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg?fit=1250%2C100&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 3692
last-modified: Thu, 01 Dec 2022 17:55:18 GMT
expires: Sun, 01 Dec 2024 05:55:18 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/11/quote-we-ve-had-enough-of-exhortations-to-be-silent-cry-out-with-a-hundred-thousand-tongues-st-catherine-of-siena-76-76-44.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "018669754290d736"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/gtranslate/gtglobe.svg

34.125.198.6

200 OK

6.5 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gtranslate/gtglobe.svg
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (6096), with CRLF line terminators
Size
6.5 kB (6501 bytes)
Hash
d00f0dac15b45bdd1c42a6617a116279
135fe1d19bc45581318afcd8ceee480343e3a40f
33b904cd2bd9a5826ae66e27aad776396dea95934c78f8561b0e213ee7a4d9df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gtranslate/gtglobe.svg HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 06:31:46 GMT
ETag: "1965-5eeaa423a4c52"
Accept-Ranges: bytes
Content-Length: 6501
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/svg+xml

i0.wp.com/d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png?fit=1250%2C100&ssl=1

192.0.77.2

200 OK

15 kB

URL HTTP/2
i0.wp.com/d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png?fit=1250%2C100&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
15 kB (14578 bytes)
Hash
f0bc137f732c5d90a54546c58373d215
f2fdb4efa40e067cc60fd249a74c0cb6cac68e2b
1cd2c47d1cecc494a339fc918a8668a17865ccd01e9b551b13911a6ae24ad525

HTTP Headers

GET /d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png?fit=1250%2C100&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 14578
last-modified: Wed, 30 Nov 2022 22:00:34 GMT
expires: Sat, 30 Nov 2024 10:00:34 GMT
cache-control: public, max-age=63115200
link: <https://d2olcuyf08j3e6.cloudfront.net/production/2022/11/29/18-42-37-2a74189d-09f9-45be-a68b-611eca9e601a.png>; rel="canonical"
x-content-type-options: nosniff
etag: "8580f317660bf113"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?v=ext&blog=211658399&post=87044&tz=-6&srv=ercaws.com&j=1%3A11.5.1&host=ercaws.com&ref=&fcp=3365&rand=0.6051160630546075

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=211658399&post=87044&tz=-6&srv=ercaws.com&j=1%3A11.5.1&host=ercaws.com&ref=&fcp=3365&rand=0.6051160630546075
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=211658399&post=87044&tz=-6&srv=ercaws.com&j=1%3A11.5.1&host=ercaws.com&ref=&fcp=3365&rand=0.6051160630546075 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/ercaws.com/wp-content/uploads/2022/10/selipskyjap.png?resize=150%2C150&ssl=1

192.0.77.2

200 OK

24 kB

URL HTTP/2
i0.wp.com/ercaws.com/wp-content/uploads/2022/10/selipskyjap.png?resize=150%2C150&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
24 kB (23934 bytes)
Hash
a3f8e7de210c0316d604384a984698d8
21035660fd86b7d64600bdda8d7babb3158f76dd
6952c5b734df94b7c6ae0756715fafb41092962e21f088fb7d007080b7c45842

HTTP Headers

GET /ercaws.com/wp-content/uploads/2022/10/selipskyjap.png?resize=150%2C150&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 23934
last-modified: Wed, 30 Nov 2022 21:54:56 GMT
expires: Sat, 30 Nov 2024 09:54:56 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/10/selipskyjap.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0577fc3f2957a21d"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?resize=912%2C912&ssl=1

192.0.77.2

200 OK

79 kB

URL HTTP/2
i0.wp.com/ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?resize=912%2C912&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 912x912, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
79 kB (79142 bytes)
Hash
f680d3fc2083c3802c4304aec52210ed
8d2091a698ad49e3e67d3ae0968732d42159532c
947eda1735c61dacfad32cde136a5ff6e6facedc07a91abadf025d8198a42797

HTTP Headers

GET /ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg?resize=912%2C912&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: image/webp
content-length: 79142
last-modified: Thu, 01 Dec 2022 22:51:34 GMT
expires: Sun, 01 Dec 2024 10:51:34 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/12/continuekings.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "3f402fe4fc2fbdd5"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2

34.125.198.6

200 OK

14 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Web Open Font Format (Version 2), TrueType, length 13548, version 331.-31392\012- data
Size
14 kB (13548 bytes)
Hash
4a74738e7728e93c4394b8604081da62
fb9648469530a05fa9aac80e47d4d6960472a242
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/gutenverse/assets/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/gutenverse/assets/fontawesome/css/all.min.css?ver=1.6.2
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 18 Nov 2022 20:32:26 GMT
ETag: "34ec-5edc49a9350d4"
Accept-Ranges: bytes
Content-Length: 13548
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/woff2

ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2

34.125.198.6

200 OK

45 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Web Open Font Format (Version 2), TrueType, length 44720, version 1.6553\012- data
Size
45 kB (44720 bytes)
Hash
1cd48d78f06d33973d9d761d426e69bf
718dd740e8340888352129e592fed085409e891e
9327647771c09df82095dba3591c77cca41a9cedca948ae01e7fb70c690dcbd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/weather-atlas/public/font/weather-icons/weathericons-regular-webfont.woff2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/weather-atlas/public/font/weather-icons/weather-icons.min.css?ver=1.2.1
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 01:59:15 GMT
ETag: "aeb0-5ed8cd1e16db5"
Accept-Ranges: bytes
Content-Length: 44720
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: font/woff2

c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js

192.0.77.37

200 OK

6.3 kB

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.3 kB (6336 bytes)
Hash
74094ad225231604e8465186a0559e7d
e61965cec2001573a127724c2686ef30de7e2942
b49a311c6b9b77b55fd11a35bb867bcca132e29584185b891a68c910a848ab18

HTTP Headers

GET /c/6.1.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2

34.125.198.6

200 OK

13 kB

URL HTTP/1.1
ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Size
13 kB (13276 bytes)
Hash
f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ercaws.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.8.1
Cookie: _ga_WE60NPT82J=GS1.1.1669973966.1.0.1669973966.0.0.0; _ga=GA1.1.1314831951.1669973966; _ga_4VQ4C22FGP=GS1.1.1669973967.1.0.1669973967.0.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:29 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 16 Nov 2022 02:11:46 GMT
ETag: "33dc-5ed8cfea0bd6a"
Accept-Ranges: bytes
Content-Length: 13276
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: font/woff2

ercaws.com/wp-content/uploads/2022/11/erc-logo-6000.png

34.125.198.6

200 OK

3.1 MB

URL HTTP/1.1
ercaws.com/wp-content/uploads/2022/11/erc-logo-6000.png
IP
34.125.198.6:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
PNG image data, 11400 x 6000, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 MB (3059671 bytes)
Hash
a3c97f59148861150c4a072b861d5844
b8bdfc9a43cb327ae17bbc44fc5357252f9012e5
6be9f8fae393914a1736c852c05400871cda65d6511e04b5c823ecaa9cfa2581

HTTP Headers

GET /wp-content/uploads/2022/11/erc-logo-6000.png HTTP/1.1
Host: ercaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 09:39:28 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 30 Nov 2022 16:18:54 GMT
ETag: "2eafd7-5eeb275f98f1f"
Accept-Ranges: bytes
Content-Length: 3059671
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

secure.gravatar.com/avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g

192.0.73.2

200 OK

86 kB

URL HTTP/2
secure.gravatar.com/avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Size
86 kB (86220 bytes)
Hash
1c280b693b8d47e4f725fc52ee3f4b3e
c79e8185fa98dc4b1e6fc8c5e1a43ad806597e7c
78db6309ffd38ad5f2aea862292135336d4b632a74fea17790848b19e968d9c4

HTTP Headers

GET /avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:29 GMT
content-type: image/png
content-length: 86220
last-modified: Tue, 18 Oct 2022 21:19:18 GMT
link: <https://www.gravatar.com/avatar/7645289731d8ebc042f446d118ef2496?s=225&d=mm&r=g>; rel="canonical"
content-disposition: inline; filename="7645289731d8ebc042f446d118ef2496.png"
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 09:44:29 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3e13fc4da2d3a0453c48b0a29fbc0798
c069a249e08ccd86d688357dc52747aaf9a4d714
5635b661780991fff42b70d0c1a84c0327ad537ce46344d358d35f82d5bfaee2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5635B661780991FFF42B70D0C1A84C0327AD537CE46344D358D35F82D5BFAEE2"
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Fri, 02 Dec 2022 15:39:01 GMT
Date: Fri, 02 Dec 2022 09:39:29 GMT
Connection: keep-alive

i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=192%2C192&ssl=1

192.0.77.2

200 OK

35 kB

URL HTTP/2
i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=192%2C192&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
35 kB (35172 bytes)
Hash
de386af25b179b6bc249daa0b1622eb8
82f003a0520387c078b3ecabeb72f00ec576f0c2
dcbcda4e30196434b2b35c1f7027740ff17888b52d78d3f053ca89b32bf5314b

HTTP Headers

GET /ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:29 GMT
content-type: image/webp
content-length: 35172
last-modified: Thu, 01 Dec 2022 10:50:30 GMT
expires: Sat, 30 Nov 2024 22:50:30 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "d7af483ed6bd9463"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=32%2C32&ssl=1

192.0.77.2

200 OK

2.3 kB

URL HTTP/2
i0.wp.com/ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=32%2C32&ssl=1
IP
192.0.77.2:0
ASN
#2635 AUTOMATTIC

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2338 bytes)
Hash
ba6ac8b7934523f8059d242e8deed7c1
c3f9886c9e4998236d3794654d1b69d66f8a49eb
3884712e5eedf492cea4b018230e40828518630bd577aed93beac9d195871b25

HTTP Headers

GET /ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:29 GMT
content-type: image/webp
content-length: 2338
last-modified: Wed, 30 Nov 2022 21:52:18 GMT
expires: Sat, 30 Nov 2024 09:52:18 GMT
cache-control: public, max-age=63115200
link: <https://ercaws.com/wp-content/uploads/2022/11/cropped-android-chrome-192x192-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "c6c84afdc815e538"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

platform.twitter.com/widgets.js

93.184.220.66

200 OK

29 kB

URL HTTP/1.1
platform.twitter.com/widgets.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (33915)
Size
29 kB (29221 bytes)
Hash
7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30

HTTP Headers

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 203
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:29 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 08:46:55 GMT
expires: Fri, 02 Dec 2022 10:46:55 GMT
cache-control: public, max-age=7200
age: 3154
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com

93.184.220.66

200 OK

105 kB

URL HTTP/1.1
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size
105 kB (105445 bytes)
Hash
2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160

HTTP Headers

GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fercaws.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:29 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ce9bb4656de0fb3edc54136d631bf5e1
95680f8722fba6e609b77df13566cf572de0183d
9a770b0fe4765e62e69c85565ccd057952fb54d078fb9ddb7732d2199f241bb6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 313
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "63899e60-117"
Last-Modified: Fri, 02 Dec 2022 09:34:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ce9bb4656de0fb3edc54136d631bf5e1
95680f8722fba6e609b77df13566cf572de0183d
9a770b0fe4765e62e69c85565ccd057952fb54d078fb9ddb7732d2199f241bb6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 313
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "63899e60-117"
Last-Modified: Fri, 02 Dec 2022 09:34:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
008d73afe4b0c9173762e808e60a25b4
3667c94f1fb3ac84426306c33e42e977ea1c8f5f
8cb7e87e8a4a09cace36dbc160197bf46a0de5e2a192435616acfa8fa8e973b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 09:39:30 GMT
Last-Modified: Fri, 02 Dec 2022 07:51:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313

cloudflareinsights.com/cdn-cgi/rum

104.16.57.101

204 No Content

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 42995
Origin: https://ercaws.com
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 02 Dec 2022 09:39:30 GMT
access-control-allow-origin: https://ercaws.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 773318814914b4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hopelessness.awslegal.us/d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_4dF2mc1WKS0ftWSEz6HYksTT89UH6eIkTHXtrN3lyEQHTNUfCzNA5bZbdJTx9c1NPy7JkbagmGSjNyl6ualQT6eCOiL90n-NmrEDk8wfAvPJo8q2AofDCwkkEajgmPGDupvCb_XdtYi--C5qJAbot98o954c3p5epQXsA2l637YrJBdvMSH2S

35.163.237.190

200 OK

43 B

URL HTTP/1.1
hopelessness.awslegal.us/d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_4dF2mc1WKS0ftWSEz6HYksTT89UH6eIkTHXtrN3lyEQHTNUfCzNA5bZbdJTx9c1NPy7JkbagmGSjNyl6ualQT6eCOiL90n-NmrEDk8wfAvPJo8q2AofDCwkkEajgmPGDupvCb_XdtYi--C5qJAbot98o954c3p5epQXsA2l637YrJBdvMSH2S
IP
35.163.237.190:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /d8I7pBRrJuxaIwZfRUDtnOe2_v4XXL_0jxFzHH99aqWGgDAyC_4dF2mc1WKS0ftWSEz6HYksTT89UH6eIkTHXtrN3lyEQHTNUfCzNA5bZbdJTx9c1NPy7JkbagmGSjNyl6ualQT6eCOiL90n-NmrEDk8wfAvPJo8q2AofDCwkkEajgmPGDupvCb_XdtYi--C5qJAbot98o954c3p5epQXsA2l637YrJBdvMSH2S HTTP/1.1
Host: hopelessness.awslegal.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: image/gif
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
Set-Cookie: GMassUniqueID=2481c21c-69e4-4e13-9cc1-651554df20ba; expires=Sun, 21-Sep-2026 03:40:10 GMT; Domain=gmass.co; path=/; SameSite=None; Secure
GMassAffiliateID=; expires=Sun, 21-Sep-2026 03:40:10 GMT; Domain=gmass.co; path=/; SameSite=None; Secure
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Date: Fri, 02 Dec 2022 09:39:25 GMT
Content-Length: 43

syndication.twitter.com/settings?session_id=137b966f0d0180528f639d68cac5fb5934561b1a

104.244.42.8

200 OK

374 B

URL HTTP/2
syndication.twitter.com/settings?session_id=137b966f0d0180528f639d68cac5fb5934561b1a
IP
104.244.42.8:0
ASN
#13414 TWITTER

File type
JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Size
374 B (374 bytes)
Hash
925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f

HTTP Headers

GET /settings?session_id=137b966f0d0180528f639d68cac5fb5934561b1a HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:29 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 02 Dec 2022 09:39:30 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: e8a03bf7fc3df067
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 106
x-connection-hash: 0531d28975259bc07295904bbd5134f31e5af76e61293832dcf7d285eb16aac3
X-Firefox-Spdy: h2

platform.twitter.com/js/tweet.495a42551da1e5c4c5171224e18a5a07.js

93.184.220.66

200 OK

2.6 kB

URL HTTP/1.1
platform.twitter.com/js/tweet.495a42551da1e5c4c5171224e18a5a07.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (7473), with no line terminators
Size
2.6 kB (2619 bytes)
Hash
b437d583e8ec0d5b1b8cbbbe6ce8e6fb
42b010476cbec98ac0ccc2bbdbb6edf0720841a0
f2533975b6a0efb4414f3724ff6bbbdc0da6a3e0e73c16b7313635a3ee62a06c

HTTP Headers

GET /js/tweet.495a42551da1e5c4c5171224e18a5a07.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "090b14bdcf073940eb641311b50eb08d+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F6FD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2619

platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px

93.184.220.66

200 OK

345 B

URL HTTP/1.1
platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (345), with no line terminators
Size
345 B (345 bytes)
Hash
d5091670b69b1b059fef0bd7d29c6ea2
310d87ba4dbb762da90db7c7c621b74541b310b6
cf56fd75d5f405fba1fcc9c05b4ef79e8302b89b0713df0ee04a94101438682b

HTTP Headers

GET /embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 514
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "d5091670b69b1b059fef0bd7d29c6ea2"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 345

platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px

93.184.220.66

200 OK

345 B

URL HTTP/1.1
platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (345), with no line terminators
Size
345 B (345 bytes)
Hash
d5091670b69b1b059fef0bd7d29c6ea2
310d87ba4dbb762da90db7c7c621b74541b310b6
cf56fd75d5f405fba1fcc9c05b4ef79e8302b89b0713df0ee04a94101438682b

HTTP Headers

GET /embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 514
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "d5091670b69b1b059fef0bd7d29c6ea2"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 345

platform.twitter.com/embed/embed.runtime.485c27f9e5e27d54d810.js

93.184.220.66

200 OK

4.2 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.runtime.485c27f9e5e27d54d810.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (9477), with no line terminators
Size
4.2 kB (4194 bytes)
Hash
711baf219ec65ea5e3c39c1e379290e1
b4f75e0e129406d086a76091eabb558d614f4349
081f26d9273f83547c014c6cda80b8f0e5433c4a8f156c9bab2349bf78a0ed03

HTTP Headers

GET /embed/embed.runtime.485c27f9e5e27d54d810.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "ad6866429f67a17b67a1a2c2074558da+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 4194

platform.twitter.com/embed/embed.Tweet.9322608e67b7ed28d6a5.js

93.184.220.66

200 OK

6.8 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.Tweet.9322608e67b7ed28d6a5.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (17945), with no line terminators
Size
6.8 kB (6810 bytes)
Hash
67b48f74c7b0979d35a739da48dd1e0c
f49dd2cbbb6dcfe1ba507bc9b194762b56d08387
81f8be926c4a6c6fe61f649c8f4c2ad61d12ea15c40aaae8e7767e60103ed2b8

HTTP Headers

GET /embed/embed.Tweet.9322608e67b7ed28d6a5.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "3e76826422814815e69455c94a8a55ee+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6810

platform.twitter.com/embed/embed.7796.9998e0c1f229690b022c.js

93.184.220.66

200 OK

178 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.7796.9998e0c1f229690b022c.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65447)
Size
178 kB (177569 bytes)
Hash
6a94fbf5dde24ff667a86dc6fd1f7a39
9b70f26f426766e3f60d78c4471125f3446a1098
780705c3ae740b1bd6560b966cdf8ff945299b49617c46ca45202d12ceae3328

HTTP Headers

GET /embed/embed.7796.9998e0c1f229690b022c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "91d4ffc30ea3fdac95031ed78df9342d+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 177569

platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js

93.184.220.66

200 OK

6.8 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (19697)
Size
6.8 kB (6789 bytes)
Hash
f94d48bbbe6a31407ade7d7ccd3aece2
45b97d1ba2353704f853228b7407239245bf2bfe
6ca3f2658a10c59cc6dc5eb763d5f0efece78f7f080ffd82504d686bb284a6ca

HTTP Headers

GET /embed/embed.749.467388cca0b3fe9c3291.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "d3483b9c737e990765e6ba56d01154a3+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6789

platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js

93.184.220.66

200 OK

1.5 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (3858), with no line terminators
Size
1.5 kB (1519 bytes)
Hash
804592c1f044395409edf30bae7c5d9e
58b0e905ef73a66dd7cb908d6a4e09944b2d990e
d1de1e25cae27e9d74f3dc687293611633cec4bb9fd8be9b32a33daa2934803d

HTTP Headers

GET /embed/embed.ondemand.i18n.en-js.ea32e1258edb3fea6260.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "9b4625539e420d3aa9e7164c41134250+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F719)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1519

platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js

93.184.220.66

200 OK

11 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (36252)
Size
11 kB (11370 bytes)
Hash
418e03178698f2e9b42f1e74af562ed8
3e5cc0ea0c65c395a9ec440f946f7df9151e48df
578369592fa62a7468b7343bbcca50cf60896cffd7a3b100f5593b6da43a3dd8

HTTP Headers

GET /embed/embed.ondemand.horizon-web.i18n.en-js.280e583b60141e6974ff.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "7e00685696fb67fc183a52902e1e0152+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 11370

platform.twitter.com/embed/embed.ondemand.Tweet.729f47795b687a372bb8.js

93.184.220.66

200 OK

18 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.ondemand.Tweet.729f47795b687a372bb8.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
18 kB (18399 bytes)
Hash
c1e69d3118346ea2e9e77af638acf2e3
623faaa8fc6200e27c3d97c7879983a2a1aee75c
4efc8fb6da2a116344180f8b311e99c9784f147a6b75750461cf4067516cfaa2

HTTP Headers

GET /embed/embed.ondemand.Tweet.729f47795b687a372bb8.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "f746145cf62856ee8c49dce22284232f+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 18399

platform.twitter.com/embed/embed.8734.99512c4cbfe74f88ce1b.js

93.184.220.66

200 OK

68 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.8734.99512c4cbfe74f88ce1b.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (65446)
Size
68 kB (68244 bytes)
Hash
4ce0b2d8fd3e1faf31dd0f45c30ac9d0
bc814673a3db39729d94ce711ac3b6f8c585740d
91b7a542168b8b670b4899177dacfb4ecec4801629a398cd2b522e21288cb517

HTTP Headers

GET /embed/embed.8734.99512c4cbfe74f88ce1b.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592715238209880073&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128013
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:30 GMT
Etag: "9f88284fca343c40329bd4316da52c58+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 68244

cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592675994561048581&lang=en

93.184.220.70

200 OK

1.8 kB

URL HTTP/2
cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592675994561048581&lang=en
IP
93.184.220.70:0
ASN
#15133 EDGECAST

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (7156), with no line terminators
Size
1.8 kB (1771 bytes)
Hash
03f34abacfe985029bcc8f70a28037d4
b75641a4ec4bf31554c841c7b43b41926828f96b
bb75a95c8a40921ca629606c5061957c3c6d1780c8c0b763c1e01ddbc2c148e1

HTTP Headers

GET /tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592675994561048581&lang=en HTTP/1.1
Host: cdn.syndication.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://platform.twitter.com
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-contol-allow-origin: platform.twitter.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 09:39:31 GMT
etag: W/"1bf6-iwdh29+WM7FuAZgTgtjYO4TwAkQ"
last-modified: Thu, 01 Dec 2022 23:18:39 GMT
perf: 7626143928
server: tsa_f
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=177
strict-transport-security: max-age=631138519
vary: Origin, Accept-Encoding
x-connection-hash: ebd07d7c2ec8ca7f13094edd77d252998bf24458075da60c0a90524a59b680bd
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-response-time: 138
x-transaction-id: a4003f172d4972b2
x-tw-cdn: VZ, VZ, VZ
x-xss-protection: 0
content-length: 1771
X-Firefox-Spdy: h2

93.184.220.70

200 OK

1.3 kB

URL HTTP/2
cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592715238209880073&lang=en
IP
93.184.220.70:0
ASN
#15133 EDGECAST

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (3191), with no line terminators
Size
1.3 kB (1258 bytes)
Hash
ad927d418ebd06c63b1281b084697abe
97c309f8847a1537011f296280473cc47ce1c1e4
fe688c98b9e517a426e20111820d67c9c765e7fd715cf451fe6acd2dee43af1b

HTTP Headers

GET /tweet-result?features=tfw_timeline_list%3Alinktr.ee%2Ctr.ee%2Cterra.com.br%2Cwww.linktr.ee%2Cwww.tr.ee%2Cwww.terra.com.br%3Btfw_horizon_timeline_12034%3Atreatment%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_chin_pills_14741%3Acolor_icons%3Btfw_tweet_result_migration_13979%3Atweet_result%3Btfw_sensitive_media_interstitial_13963%3Ainterstitial%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_show_blue_verified_badge%3Aon%3Btfw_tweet_edit_frontend%3Aon&id=1592715238209880073&lang=en HTTP/1.1
Host: cdn.syndication.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://platform.twitter.com
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-contol-allow-origin: platform.twitter.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=60
content-security-policy: connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 09:39:31 GMT
etag: W/"c79-WKuM5Gp+mrnvLvA0V08WkGVrWQQ"
last-modified: Thu, 01 Dec 2022 23:18:39 GMT
perf: 7626143928
server: tsa_f
server-timing: x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=211
strict-transport-security: max-age=631138519
vary: Origin, Accept-Encoding
x-connection-hash: d7951659772739ab2455bfc81f2bd406a30a67acbc01dc74c4e0c2d9b4278ac3
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-response-time: 172
x-transaction-id: 630f5136d2713f14
x-tw-cdn: VZ, VZ
x-xss-protection: 0
content-length: 1258
X-Firefox-Spdy: h2

platform.twitter.com/embed/embed.ondemand.Card.d726ccd66212511aa7d9.js

93.184.220.66

200 OK

908 B

URL HTTP/1.1
platform.twitter.com/embed/embed.ondemand.Card.d726ccd66212511aa7d9.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1791), with no line terminators
Size
908 B (908 bytes)
Hash
d727b8bbdcc468a1632b3da5e3181ba7
f0f4357fb06b3231cee27658092c370482ae8538
6faf6c07fbaaeab15b7a99efd73844a655a05ff1d6f7446367f5ba17f75b1d56

HTTP Headers

GET /embed/embed.ondemand.Card.d726ccd66212511aa7d9.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128015
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "85a7e7691345fef90a94be2cc5dee1da+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:38 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 908

platform.twitter.com/embed/embed.9814.a261bea3d494c6cc4944.js

93.184.220.66

200 OK

6.3 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.9814.a261bea3d494c6cc4944.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (19023), with no line terminators
Size
6.3 kB (6281 bytes)
Hash
289ce02580cc8a4648aa32023a25d52e
e83f0a1113798e244271c0d9a33b29635bca912a
b2d72d7413a37a4ad5f279b3cba04a83c02c9cad89176e1422c96c2e082c5ca0

HTTP Headers

GET /embed/embed.9814.a261bea3d494c6cc4944.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128012
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "d9a1f416196d542ccf4c35f6c3524a50+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 6281

platform.twitter.com/embed/embed.1237.a99a45a33daaad84b2b1.js

93.184.220.66

200 OK

119 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.1237.a99a45a33daaad84b2b1.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
119 kB (119391 bytes)
Hash
b4a7246b58e13412924843e537c25afa
f6fe8f242fe869e61f9739ae782d7f70c683c263
19daf2df951197ea048c76379bb3799918d6173c67d1bcaed1cc87fa982bd515

HTTP Headers

GET /embed/embed.1237.a99a45a33daaad84b2b1.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128015
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "234c10af19046651f3f036074c186c32+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 119391

syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969607%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592675994561048581%22%5D%2C%22item_details%22%3A%7B%221592675994561048581%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

104.244.42.8

200 OK

43 B

URL HTTP/2
syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969607%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592675994561048581%22%5D%2C%22item_details%22%3A%7B%221592675994561048581%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
IP
104.244.42.8:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969607%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592675994561048581%22%5D%2C%22item_details%22%3A%7B%221592675994561048581%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:30 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 02 Dec 2022 09:39:31 GMT
content-length: 43
x-transaction-id: 2128dcd6278c00a4
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 0531d28975259bc07295904bbd5134f31e5af76e61293832dcf7d285eb16aac3
X-Firefox-Spdy: h2

syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969760%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592715238209880073%22%5D%2C%22item_details%22%3A%7B%221592715238209880073%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1

104.244.42.8

200 OK

43 B

URL HTTP/2
syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969760%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592715238209880073%22%5D%2C%22item_details%22%3A%7B%221592715238209880073%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
IP
104.244.42.8:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669973969760%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22rufous-eol%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fercaws.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22thefakeliu%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22ced6f3ad5aeac%3A1667415540863%22%2C%22item_ids%22%3A%5B%221592715238209880073%22%5D%2C%22item_details%22%3A%7B%221592715238209880073%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:30 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Fri, 02 Dec 2022 09:39:31 GMT
content-length: 43
x-transaction-id: f25bbd6cf89750b7
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: 0531d28975259bc07295904bbd5134f31e5af76e61293832dcf7d285eb16aac3
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1598395870646616064/2Lboydft_normal.jpg

151.101.244.159

200 OK

2.3 kB

URL HTTP/2
pbs.twimg.com/profile_images/1598395870646616064/2Lboydft_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.3 kB (2263 bytes)
Hash
c676f4a18c69b5bc2bee4fcf55e1eef0
d54dcac0fe2c209a85b804526165c97135b6834b
05f1285b4c3c6abc7feeb82faef9a9c3d479fa7d9516f2ebb39042ef63110ee3

HTTP Headers

GET /profile_images/1598395870646616064/2Lboydft_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 01 Dec 2022 19:15:26 GMT
x-transaction-id: 2ce0c724e71c0962
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:31 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7358-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2

pbs.twimg.com/profile_images/1396929232182431755/DBOr86oF_normal.jpg

151.101.244.159

200 OK

2.3 kB

URL HTTP/2
pbs.twimg.com/profile_images/1396929232182431755/DBOr86oF_normal.jpg
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
2.3 kB (2263 bytes)
Hash
725c42db5133a1e5c61a1a51b6c061a8
96016443a235a1fd0faff74abb52661e7363b5b9
3923cf6af9112c5752a5e9ea62203b60219c90171484e1db3028bf901c8b171c

HTTP Headers

GET /profile_images/1396929232182431755/DBOr86oF_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 24 May 2021 20:38:57 GMT
x-transaction-id: c3941f09b36806da
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:31 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7362-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2

platform.twitter.com/embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js

93.184.220.66

200 OK

2.3 kB

URL HTTP/1.1
platform.twitter.com/embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js
IP
93.184.220.66:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (5669), with no line terminators
Size
2.3 kB (2344 bytes)
Hash
f5859f010c34ccac7d632caddcd87376
d463494e24afe93c249dae27de47c9ca119be8e0
42aeded29acbca2458e6ca9fdeaa783f2740505e808a85e623eda5e3d0a8504a

HTTP Headers

GET /embed/embed.ondemand.Dropdown.6d3a179919178b621bf5.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2Zyb250ZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1592675994561048581&lang=en&origin=https%3A%2F%2Fercaws.com%2F&sessionId=137b966f0d0180528f639d68cac5fb5934561b1a&siteScreenName=thefakeliu&theme=light&widgetsVersion=a3525f077c700%3A1667415560940&width=550px
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 128014
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Fri, 02 Dec 2022 09:39:31 GMT
Etag: "1e6da137b0a22a9eb6bd69995d23b770+gzip"
Last-Modified: Wed, 02 Nov 2022 22:16:39 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2344

pbs.twimg.com/profile_images/1308748188229275649/TYlR9zPP_mini.png

151.101.244.159

200 OK

1.6 kB

URL HTTP/2
pbs.twimg.com/profile_images/1308748188229275649/TYlR9zPP_mini.png
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1640 bytes)
Hash
7def1c6aaa5ff31d114582f8dc6b0507
717a4d3aef16cde0a0b6f88593a604faab8f4d22
939aa8c9c54541f0b617f46a81a70d38a3ba3e2c0e2635b07504516eb522e4b8

HTTP Headers

GET /profile_images/1308748188229275649/TYlR9zPP_mini.png HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 23 Sep 2020 12:38:58 GMT
x-transaction-id: 6a12a2f6a2886d58
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/png
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:32 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7363-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 1640
X-Firefox-Spdy: h2

pbs.twimg.com/card_img/1597809190948540422/_0rE1J1G?format=jpg&name=240x240

151.101.244.159

200 OK

13 kB

URL HTTP/2
pbs.twimg.com/card_img/1597809190948540422/_0rE1J1G?format=jpg&name=240x240
IP
151.101.244.159:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3\012- data
Size
13 kB (12912 bytes)
Hash
51206758168e15bfbce394ebd2cf18ef
2aa7d33923b7fa08d0c14baf139bd4ba172cb3ee
055956873188dd927fd72e35bbbf56bc0c2373e489f071926710c9e702b7b7a1

HTTP Headers

GET /card_img/1597809190948540422/_0rE1J1G?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://platform.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 30 Nov 2022 04:24:11 GMT
x-transaction-id: ea568094c98d992c
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Fri, 02 Dec 2022 09:39:32 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7333-LHR, cache-hel1410020-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 12912
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15495 bytes)
Hash
82ea44d6cb116fb1f5752ce9bb87e345
f799dfd89a4f5a452dc837b8616549f578fb4184
e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 15495
x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDIFxzIAMFzEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:25:42 GMT
age: 40431
etag: "f799dfd89a4f5a452dc837b8616549f578fb4184"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 03:52:10 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

secure.gravatar.com/js/gprofiles.js?ver=202248

192.0.73.2

200 OK

0 B

URL HTTP/2
secure.gravatar.com/js/gprofiles.js?ver=202248
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/gprofiles.js?ver=202248 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Fri, 09 Dec 2022 09:39:26 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Abhaya+Libre%7COswald%7CRoboto%3A400%2C500%2C600%2C700%2C700italic%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Abhaya+Libre%7COswald%7CRoboto%3A400%2C500%2C600%2C700%2C700italic%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Abhaya+Libre%7COswald%7CRoboto%3A400%2C500%2C600%2C700%2C700italic%2C700%26subset%3Dlatin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.5.1/modules/wpgroho.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/p/jetpack/11.5.1/modules/wpgroho.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/jetpack/11.5.1/modules/wpgroho.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Jul 2020 17:06:48 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Mate+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVollkorn+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSyncopate%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbhaya+Libre%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Mate+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVollkorn+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSyncopate%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbhaya+Libre%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Mate+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVollkorn+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSyncopate%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COswald%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAbhaya+Libre%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:26 GMT
date: Fri, 02 Dec 2022 09:39:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oswald:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Oswald:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Oswald:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:27 GMT
date: Fri, 02 Dec 2022 09:39:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.16.57.101

200 OK

0 B

URL HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ercaws.com/
Origin: https://ercaws.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 09:39:30 GMT
content-type: text/plain
access-control-allow-origin: https://ercaws.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 773318814910b4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:400italic,600italic,300,400,600,700,800&subset=latin,latin-ext,cyrillic,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 09:39:27 GMT
date: Fri, 02 Dec 2022 09:39:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/6.1.1/wp-includes/js/dist/vendor/lodash.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

secure.gravatar.com/dist/css/services.min.css?ver=202248

192.0.73.2

200 OK

0 B

URL HTTP/2
secure.gravatar.com/dist/css/services.min.css?ver=202248
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/css/services.min.css?ver=202248 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: text/css
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
etag: W/"5ab37b5c-a54"
content-encoding: br
expires: Fri, 09 Dec 2022 09:39:28 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/jetpack/11.5.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js

192.0.77.37

200 OK

0 B

URL HTTP/2
c0.wp.com/p/jetpack/11.5.1/_inc/build/photon/photon.min.js
IP
192.0.77.37:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/jetpack/11.5.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:26 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Sat, 02 Dec 2023 09:39:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

secure.gravatar.com/dist/css/hovercard.min.css?ver=202248

192.0.73.2

200 OK

0 B

URL HTTP/2
secure.gravatar.com/dist/css/hovercard.min.css?ver=202248
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/css/hovercard.min.css?ver=202248 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ercaws.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 09:39:28 GMT
content-type: text/css
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
etag: W/"5fac09d6-1e86"
content-encoding: br
expires: Fri, 09 Dec 2022 09:39:28 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (89)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations