davideric.com/wells/login.php
301 Moved Permanently 162 B URL HTTP/1.1 davideric.com/wells/login.php
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /wells/login.php HTTP/1.1
Host: davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 27 Jan 2023 03:36:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://davideric.com/wells/login.php
X-HTTPS-Enforce: 1
X-CDN-C: static
X-SG-CDN: 1
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0301 NC:000000 UP:
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5233
Expires: Fri, 27 Jan 2023 05:04:12 GMT
Date: Fri, 27 Jan 2023 03:36:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17462
Expires: Fri, 27 Jan 2023 08:28:01 GMT
Date: Fri, 27 Jan 2023 03:36:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2263
Expires: Fri, 27 Jan 2023 04:14:42 GMT
Date: Fri, 27 Jan 2023 03:36:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 03:35:19 GMT
content-type: application/json
age: 100
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3XalnUAWbZSGfoHijarkhj9atze9HKFOCs9IIcQxbU/PyxUb7LDMc1uxUNnkTQEcnAbSI22A7NM=
x-amz-request-id: C0MGWDQ08K4GEJ3B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 03:20:22 GMT
age: 997
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:36:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a1948fdb62ab5e64dbd322d6d27d8f5c
dcc577ee93079a0540bf707a89bce7ffc42928ac
57d1ece7050305a0dedd9036be1b4d20269618348717350cfab213fae9b3d187
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57D1ECE7050305A0DEDD9036BE1B4D20269618348717350CFAB213FAE9B3D187"
Last-Modified: Thu, 26 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 27 Jan 2023 09:36:59 GMT
Date: Fri, 27 Jan 2023 03:36:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 02:41:40 GMT
age: 3319
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18355
Expires: Fri, 27 Jan 2023 08:42:54 GMT
Date: Fri, 27 Jan 2023 03:36:59 GMT
Connection: keep-alive
davideric.com/wells/login.php
301 Moved Permanently 249 B URL HTTP/2 davideric.com/wells/login.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b4f26c2c79347757c7be5722377b1e51
b2acc281bb16d991fd7edbd5dffb14bfefba3298
db80a4aa6f7a55c1385b7f5cfd87ecd8ecb4875989b048fbce93fdf172b7cc2f
Analyzer Verdict Alert fortinet Phishing
GET /wells/login.php HTTP/1.1
Host: davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 27 Jan 2023 03:36:59 GMT
content-type: text/html; charset=iso-8859-1
content-length: 249
location: https://www.davideric.com/wells/login.php
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JPriXk9EYVVnszOFRXUxkA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FiLMt/MFmQIf+rvNwgx76PnDxCU=
www.davideric.com/wells/login.php
301 Moved Permanently 0 B URL HTTP/2 www.davideric.com/wells/login.php
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wells/login.php HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 27 Jan 2023 03:37:00 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.davideric.com
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-cache-enabled: True
x-redirect-by: Rank Math
x-httpd-modphp: 1
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:SKIP_CACHE_NO_CACHE
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9864
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 03:37:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9864
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 03:37:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9864
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 03:37:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9864
Expires: Fri, 27 Jan 2023 06:21:25 GMT
Date: Fri, 27 Jan 2023 03:37:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 464592dade1d7207d58b22d5d09d9254
3caa2537edfe4c738540884b3eda51e437d26f4d
c0cdec94ff460c4b875657bb53ed90ef2ef786a2b8095d1ebf09365556536375
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61f2aec8-2d63-4f9f-9980-04c179cc5720.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4627
x-amzn-requestid: 38f2ed09-3a2e-4b5d-bde9-24fd7467d1a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZJE-BIAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3a-4ad90b1c2883444f547b6f84;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pl5Ta4lZHz2a_R1U3OnL1AZFcLc4Ez6_2U7WZ6ZYUC26k9r7m6mxXw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 04:21:49 GMT
age: 83712
etag: "3caa2537edfe4c738540884b3eda51e437d26f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3BquvYOvgBWY2JeuOjZH9t1bunnj5yAXmMqyqZKuD6v2xMm8BAG3lw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 02:41:06 GMT
age: 85657
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:37:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 16539
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7364957de1b4c82a923bd947f0cce750
d8aa55b64a65757e043b4b1b63efd93c8261d275
f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: 2946b91b-1d7e-4eba-966d-600ae368cd3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVxGw1oAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328b-04037751257e13ca156eee8d;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4TidB2H164ziAxKhEORFw4BBF0FB2pkkwNq3iMQfS4t7yObXCA59Pw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:40:53 GMT
age: 68168
etag: "d8aa55b64a65757e043b4b1b63efd93c8261d275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dfd3530064d405643a31fedd4fd7618
d8268771360e609892c5506f3114dc4f73c0aad0
b4790125e39e400c30d640cd0c64497256168892405511ec3d43b03dc0e5715a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: caff330a-0cc6-488d-be82-c09c2bb87408
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQYTEduIAMFZkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa9b-1f26b225062c8465440cf460;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L-i1AEFIP6AoWwjds6n7ohyz-Ls1HoF9CXNJS7RRDFApBceBZXmoxA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:29:15 GMT
age: 54466
etag: "d8268771360e609892c5506f3114dc4f73c0aad0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3d856f57bcfd0bb18253cd77dd6541b
9d9680fb1a9232bb2b42b824dc11633666bfa31a
f2a03384e72a4d3350ee6addc49d6a507837eb195647016ea001e846eaccb0e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6055
x-amzn-requestid: dd44b3ab-6248-419a-995a-f3aaf59dae77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLRhMFPYIAMF91g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfc6d-4df410b022dbbb55297e6ac7;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:18:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b0NnMvzF8QzmCB6erAH6gTky4A2vBwI6huYmgX8hLTatYq_NHhQl1A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 15:23:32 GMT
age: 44009
etag: "9d9680fb1a9232bb2b42b824dc11633666bfa31a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-5564316-15
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-5564316-15
IP
File type ASCII text, with very long lines (1759)
Hash 8713bcd418aad536d2c472cb5eacd1d3
8f9ffc918f30042a2d5847433dc795c993f1570a
7df530121bd705b17a8adc8597cf0240adaac1f8b835246b2db641f1da3e9e1d
GET /gtag/js?id=UA-5564316-15 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 27 Jan 2023 03:37:01 GMT
expires: Fri, 27 Jan 2023 03:37:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:37:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.davideric.com/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 5.0 kB URL HTTP/2 www.davideric.com/wp-includes/js/jquery/jquery-migrate.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash b3aa3d96ef85bf923e5f0803f519b0ef
229b0e0240a67132bf37d6dbd46e161656c56355
9013923638ca8b59ceca017bee2499995be5d372ddf481b074a0f6b94b155162
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 01:02:23 GMT
etag: W/"5fd0221f-2bd8"
expires: Fri, 26 Jan 2024 22:20:58 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js
200 OK 45 kB URL HTTP/2 www.davideric.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash f001b8419f4884cf05bd196525bd5e99
9f76253ab88114f00b5aff43c7c4a59a5a9779ea
e5602918a84ba53a6953c8622ae7469ad02749e985ef416132722bc64c31359f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Dec 2022 21:27:58 GMT
etag: W/"63a228de-1d4ca"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR\012- data
Hash 63f124cc58fb3f1e5e04b2961edc0f7b
a7e225ab157af0246fbc151ffe513c0b555032c5
484be1fa4b0ddf5a535046b293963ce7cfe6f2659f50309d7bdb6399a732637d
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21006
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:56:45 GMT
expires: Wed, 24 Jan 2024 09:56:45 GMT
cache-control: public, max-age=31536000
age: 236417
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrQ.ttf
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrQ.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2010 The Raleway Project Authors (impallari@gmail.com), with Reserved Font Name "Ralew\012- data
Hash 85819c83e87aa08752b6c740934f25e5
bfaa7c74e23861d7694163438f9bd14edfabfb67
2737a3a4b1e4548f759d96a99fc4478a7dfb6e7d6cfcf85df7aa10ccc1aff104
GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrQ.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 18:09:33 GMT
expires: Fri, 26 Jan 2024 18:09:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:57:59 GMT
content-type: font/ttf
age: 34049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansB\012- data
Hash 080509cdf99c527a765dc6861d2ca932
b6807f40be12ce682b34fc734c43bcd5e5581962
a9f40c911f90dc302caa59167e4cdd43be4c0aa1541e2d100f0739ca0dd216f5
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0RkyFjWVAexQ.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21638
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 09:18:24 GMT
expires: Fri, 26 Jan 2024 09:18:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:13:04 GMT
content-type: font/ttf
age: 65918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansB\012- data
Hash b73eebdd9c5c427b82775306f97ecdb2
bebd6da6ebbdb6c088dfaec52511abff8c83bf45
e2dbfef8e74289b61601e005da08f20676252fcbeea948d9f1e28a7744078ce1
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20549
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 17:11:26 GMT
expires: Wed, 24 Jan 2024 17:11:26 GMT
cache-control: public, max-age=31536000
age: 210336
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVc.ttf
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVc.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 16 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open Sans \012- data
Hash d3df98e49624f52c5cacc940323df11f
0aa7d6994557ea0a5c1966129dba6a117a9c7e31
2c6b31797e3481d543c18468adc885441e68122f0a440574503e0239eeb6d10d
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21061
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 05:35:17 GMT
expires: Wed, 24 Jan 2024 05:35:17 GMT
cache-control: public, max-age=31536000
age: 252105
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/pixel-caffeine/build/frontend.js
200 OK 6.3 kB URL HTTP/2 www.davideric.com/wp-content/plugins/pixel-caffeine/build/frontend.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash af7683c306c9949a688a448e65fb0785
2442ad0f3321ce00eb9548d7cf0f31f5ef5d0031
e2f972556e7416329c6a57dd1c792733ea68e3de1aed542ab8d9280aa54ae89a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/pixel-caffeine/build/frontend.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 24 Mar 2021 20:44:47 GMT
etag: W/"605ba4bf-3eb2"
expires: Fri, 26 Jan 2024 22:20:59 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansI\012- data
Hash 5aee6e52e52d4bc6ed494dce7c1230c2
69fc1dff4b77a4096279cd8aaf8c3b884fd2751f
75d32d797662be53dc0df11b78f9b622c33fa100ca4432971f056d475c24764d
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAexQ.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22207
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:28 GMT
expires: Sat, 27 Jan 2024 02:06:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:13:04 GMT
content-type: font/ttf
age: 5434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.davideric.com/wp-includes/js/jquery/jquery.min.js
200 OK 37 kB URL HTTP/2 www.davideric.com/wp-includes/js/jquery/jquery.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 57463677d2982a75e0d01f7dce34182f
929181398659ef88398ac9c85122e0882425345f
017f94bbd017461b2b14e18026958e3f2aedc8d1c3045bdfe2a1529fecf4aab0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 04 Nov 2022 12:07:15 GMT
etag: W/"63650073-15e54"
expires: Fri, 26 Jan 2024 22:20:58 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 16 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open Sans \012- data
Hash fd816bf7723bd214d5066c1672245b9d
8a9f574374e65484bb793991b42ff7e84304aceb
a1e818be945b050af4a1e52b23f58df6f188f1585ffedcaf58550d9751147efd
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20969
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:35:09 GMT
expires: Thu, 25 Jan 2024 19:35:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:16:22 GMT
content-type: font/ttf
age: 115313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a6b2ccd5f447a2aa774245babfed3da4
6ac8184e493aee1acf7b0479de4f8f3b84fb2219
b0341e4a48e2207a1e7337998efb0e52da50e793cb410d906ad76a637983807a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 03:37:02 GMT
Etag: "63d16a1f-1d7"
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f_XPPTEgt_I_6SGCY9R7VZ9F56Ym5Y-U3zmjG3DqPTft769G97Jowg==
www.davideric.com/wp-content/uploads/2018/06/landing-page-template-100-tall-black-316x89.png
200 OK 9.3 kB URL HTTP/2 www.davideric.com/wp-content/uploads/2018/06/landing-page-template-100-tall-black-316x89.png
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 68922ea12a09d885c557a505e7b78e61
4e9cb9ca2ea6e0bf180d8db8d99ecd634b9a56a9
400810df0da9c231ff95a4a79d7ab78165a6fd9ac658baf23ee6671a4600c6bf
GET /wp-content/uploads/2018/06/landing-page-template-100-tall-black-316x89.png HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: image/webp
content-length: 9254
last-modified: Mon, 15 Nov 2021 17:34:19 GMT
etag: "61929a1b-2426"
expires: Sat, 27 Jan 2024 03:37:01 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2
www.davideric.com/wp-content/themes/astra/assets/fonts/astra.woff
200 OK 3.3 kB URL HTTP/2 www.davideric.com/wp-content/themes/astra/assets/fonts/astra.woff
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Hash bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:02 GMT
content-type: font/woff
content-length: 3304
last-modified: Tue, 06 Dec 2022 21:11:07 GMT
etag: "638fafeb-ce8"
expires: Sat, 27 Jan 2024 03:37:02 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2
davideric.17hats.com/vendor/iframeSizer.min.js
200 OK 3.0 kB URL HTTP/2 davideric.17hats.com/vendor/iframeSizer.min.js
IP
File type ASCII text, with very long lines (7273)
Hash c4dbd80fc26ccc17d35396d388a70680
a05d7c030192c17c50254268af3333cde8e0619f
cc516af71d9d2f30de43d82654bf426f2e45ce3b45b0d770790a937ca7b3d7de
GET /vendor/iframeSizer.min.js HTTP/1.1
Host: davideric.17hats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 03:37:02 GMT
content-type: application/javascript
content-length: 3041
set-cookie: AWSALB=CLvZaNCQ8DUONGQzG1wdOa5QRsDLlTV95XZXpavMNppjZbDJgwnPxUmwxvKX+2PC5WvKiTPzdekE8/MqawtWO4QarSYi89yqO8DX2vKEd1AWU/VgNQxnaO0owTOb; Expires=Fri, 03 Feb 2023 03:37:02 GMT; Path=/
AWSALBCORS=CLvZaNCQ8DUONGQzG1wdOa5QRsDLlTV95XZXpavMNppjZbDJgwnPxUmwxvKX+2PC5WvKiTPzdekE8/MqawtWO4QarSYi89yqO8DX2vKEd1AWU/VgNQxnaO0owTOb; Expires=Fri, 03 Feb 2023 03:37:02 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Thu, 26 Jan 2023 08:54:19 GMT
vary: Accept-Encoding
etag: "63d23fbb-be1"
content-encoding: gzip
expires: Sun, 26 Feb 2023 03:37:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
feature-policy: midi: 'self'
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-ancestors *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-6CKQT75EPV>m=2oe1p0&_p=1327003377&cid=214476869.1674790622&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674790622&sct=1&seg=0&dl=https%3A%2F%2Fwww.davideric.com%2F&dt=Best%20New%20Jersey%20Wedding%20Photographer%20David%20Eric%20Photography&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6CKQT75EPV>m=2oe1p0&_p=1327003377&cid=214476869.1674790622&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674790622&sct=1&seg=0&dl=https%3A%2F%2Fwww.davideric.com%2F&dt=Best%20New%20Jersey%20Wedding%20Photographer%20David%20Eric%20Photography&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6CKQT75EPV>m=2oe1p0&_p=1327003377&cid=214476869.1674790622&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674790622&sct=1&seg=0&dl=https%3A%2F%2Fwww.davideric.com%2F&dt=Best%20New%20Jersey%20Wedding%20Photographer%20David%20Eric%20Photography&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.davideric.com
date: Fri, 27 Jan 2023 03:37:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tag.getdrip.com/6103766.js
200 OK 8 B URL HTTP/2 tag.getdrip.com/6103766.js
IP
File type ASCII text, with no line terminators
Hash de2e1607e500ee465eca3ec4505c0859
cfd432c8178796a4af548a7ed62f09bdf5fbb897
295bdad3ed86f4eeb0249f30e724344ec7be85582094013a85403ecbb77a0047
GET /6103766.js HTTP/1.1
Host: tag.getdrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 8
last-modified: Thu, 12 May 2022 16:04:36 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 27 Jan 2023 03:37:04 GMT
etag: "de2e1607e500ee465eca3ec4505c0859"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xR6axq3CBC-Wi8lhWr3BzHu7upYQePPnL6eajqeUvaLxMNHr7sKTOA==
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 27 Jan 2023 01:45:20 GMT
expires: Fri, 27 Jan 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 6704
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
200 OK 7.8 kB URL HTTP/2 www.davideric.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 7bd09412001acbe99342789579b9e4fe
9ccc30d447caf0a35926638a62057f1a7eaec559
103439628837bd82d74c048b11ca70911dddf61f992dde15fdfee622df3d2836
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 09:25:37 GMT
etag: W/"63c7bb11-6b45"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ACI1tv8yTfMmZlU2WZAPcZ1dn51rxY4JaBSH5PKzZnmrCVAW2PSCuq620l/h+gBO66Y4aha0uZ73ABu0AxmrMg==
content-length: 27859
x-fb-trip-id: 1679558926
date: Fri, 27 Jan 2023 03:37:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 37dce3efd55b962e0d26fdc3a1033e22
6453d72e70e36bd37ca1744d85ec9ca549629cf2
0b8f3eab1044d6159677c241e96e244f10d78fe339d37c94e65f8495b216f3bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 377
Cache-Control: max-age=157671
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:37:04 GMT
Etag: "63d30a4e-1d7"
Expires: Sat, 28 Jan 2023 23:24:55 GMT
Last-Modified: Thu, 26 Jan 2023 23:18:38 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:37:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5564316-15&cid=214476869.1674790622&jid=183435243&gjid=2058046938&_gid=500782240.1674790624&_u=YADAAUAAAAAAACAAI~&z=2121755353
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5564316-15&cid=214476869.1674790622&jid=183435243&gjid=2058046938&_gid=500782240.1674790624&_u=YADAAUAAAAAAACAAI~&z=2121755353
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5564316-15&cid=214476869.1674790622&jid=183435243&gjid=2058046938&_gid=500782240.1674790624&_u=YADAAUAAAAAAACAAI~&z=2121755353 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.davideric.com
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.davideric.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Jan 2023 03:37:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 03:37:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.davideric.com/wp-content/uploads/new-jersey-wedding-photography-0018e.jpg
200 OK 488 kB URL HTTP/2 www.davideric.com/wp-content/uploads/new-jersey-wedding-photography-0018e.jpg
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x1067, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 488 kB (488364 bytes)
Hash 0717a45a88144d051b93536eb79cd875
48715ea01f9041420ec7204fba5b1839fe9eb950
1f2c783be59e6bcd1e99a69984b8410a54c09c68bb23a3bb5a58e7a80623b7fe
GET /wp-content/uploads/new-jersey-wedding-photography-0018e.jpg HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9a8f06c45fb084cb8eb909c4c1006790.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:02 GMT
content-type: image/webp
content-length: 488364
last-modified: Tue, 08 Jun 2021 18:52:48 GMT
etag: "60bfbc80-773ac"
expires: Sat, 27 Jan 2024 03:37:02 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2
www.davideric.com/wp-content/uploads/new-jersey-wedding-photographer-0011-2.jpg
200 OK 491 kB URL HTTP/2 www.davideric.com/wp-content/uploads/new-jersey-wedding-photographer-0011-2.jpg
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2048x1365, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 491 kB (490816 bytes)
Hash 0f15ce2723804243835a56c98ded4bc0
4a5421230000731ae2decc6118ccc718930e08bd
e673f324cdee254ee7c3a2334ee72e7a3430d34d26fdad6c2a7382d58e36773f
GET /wp-content/uploads/new-jersey-wedding-photographer-0011-2.jpg HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9a8f06c45fb084cb8eb909c4c1006790.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:02 GMT
content-type: image/webp
content-length: 490816
last-modified: Sat, 16 May 2020 00:24:36 GMT
etag: "5ebf32c4-77d40"
expires: Sat, 27 Jan 2024 03:37:02 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=627663274459026&ev=PageView&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624888&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=0&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=627663274459026&ev=PageView&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624888&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=0&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=627663274459026&ev=PageView&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624888&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=0&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Jan 2023 03:37:05 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=627663274459026&ev=AdvancedEvents&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624895&cd[login_status]=not_logged_in&cd[post_type]=page&cd[object_id]=2938&cd[object_type]=home&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=2&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=627663274459026&ev=AdvancedEvents&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624895&cd[login_status]=not_logged_in&cd[post_type]=page&cd[object_id]=2938&cd[object_type]=home&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=2&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=627663274459026&ev=AdvancedEvents&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624895&cd[login_status]=not_logged_in&cd[post_type]=page&cd[object_id]=2938&cd[object_type]=home&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=2&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Jan 2023 03:37:05 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=627663274459026&ev=ViewContent&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624892&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=1&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=627663274459026&ev=ViewContent&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624892&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=1&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=627663274459026&ev=ViewContent&dl=https%3A%2F%2Fwww.davideric.com%2F&rl=&if=false&ts=1674790624892&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&cd[language]=en-US&cd[referrer]=&sw=1280&sh=1024&v=2.9.94&r=stable&a=dvpixelcaffeinewordpress&ec=1&o=30&fbp=fb.1.1674790624887.1219344293&it=1674790624079&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 27 Jan 2023 03:37:05 GMT
X-Firefox-Spdy: h2
www.davideric.com/wp-content/uploads/2018/06/cropped-favicon-192x192.jpg
200 OK 7.8 kB URL HTTP/2 www.davideric.com/wp-content/uploads/2018/06/cropped-favicon-192x192.jpg
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5280dc389a65d1e2a22de298bdc81893
b4ccf3adb180486ab408406ee07899160b8ea6b7
dde20364caf4fc955a7ad94caadc5742ebfd72b1e074153a9e4b322f5854e7d9
GET /wp-content/uploads/2018/06/cropped-favicon-192x192.jpg HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Cookie: _ga_6CKQT75EPV=GS1.1.1674790622.1.0.1674790622.0.0.0; _ga=GA1.1.214476869.1674790622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:04 GMT
content-type: image/webp
content-length: 7794
last-modified: Tue, 08 Jun 2021 19:01:08 GMT
etag: "60bfbe74-1e72"
expires: Sat, 27 Jan 2024 03:37:04 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2
www.davideric.com/wp-content/uploads/2018/06/cropped-favicon-32x32.jpg
200 OK 752 B URL HTTP/2 www.davideric.com/wp-content/uploads/2018/06/cropped-favicon-32x32.jpg
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd16463001bddd04082f9a81ad83bd05
bd038851aacb984ed6eff7e4c499d63de444fcaf
0b980c1e5c92acdd576dc5e173660d3d74661c026655049be1307d9c7dfa3aeb
GET /wp-content/uploads/2018/06/cropped-favicon-32x32.jpg HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Cookie: _ga_6CKQT75EPV=GS1.1.1674790622.1.0.1674790622.0.0.0; _ga=GA1.1.214476869.1674790622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:04 GMT
content-type: image/webp
content-length: 752
last-modified: Tue, 08 Jun 2021 19:01:08 GMT
etag: "60bfbe74-2f0"
expires: Sat, 27 Jan 2024 03:37:04 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2
www.davideric.com/wp-includes/js/wp-emoji-release.min.js
200 OK 83 kB URL HTTP/2 www.davideric.com/wp-includes/js/wp-emoji-release.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash a1ef388254057e920eff140e2ece0c7d
c1bac3fca94d9dff946a9fcba9f3df41a653b19e
b32f6d3a056238e98d6ac3c245f480db338098b48fd392307fe02a43d670d5df
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 May 2022 20:33:11 GMT
etag: W/"628fe407-48b9"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/uploads/new-jersey-engagement-photography-1019.jpg
200 OK 335 kB URL HTTP/2 www.davideric.com/wp-content/uploads/new-jersey-engagement-photography-1019.jpg
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1500x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 335 kB (335036 bytes)
Hash 77bab0da72438028ff74edb2277efe24
a7dfc15eb58456c761b4dc4da4132271bb42c355
a1c44f08c7931319b4e051a049cc0399ea0b2534efff269f41829f9d87b92aff
GET /wp-content/uploads/new-jersey-engagement-photography-1019.jpg HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Cookie: _ga_6CKQT75EPV=GS1.1.1674790622.1.0.1674790622.0.0.0; _ga=GA1.1.214476869.1674790622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:03 GMT
content-type: image/webp
content-length: 335036
last-modified: Tue, 19 May 2020 20:07:41 GMT
etag: "5ec43c8d-51cbc"
expires: Sat, 27 Jan 2024 03:37:03 GMT
cache-control: max-age=31536000
x-cdn-c: static
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
X-Firefox-Spdy: h2
www.davideric.com/
200 OK 0 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-enabled: True
link: <https://www.davideric.com/wp-json/>; rel="https://api.w.org/", <https://www.davideric.com/wp-json/wp/v2/pages/2938>; rel="alternate"; type="application/json", <https://www.davideric.com/>; rel=shortlink
x-httpd-modphp: 1
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 May 2022 20:33:11 GMT
etag: W/"628fe407-194b"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 09:22:55 GMT
etag: W/"6389c3ef-1ed0"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 09:25:37 GMT
etag: W/"63c7bb11-14ef"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-includes/js/dist/hooks.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-includes/js/dist/hooks.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 May 2022 20:33:11 GMT
etag: W/"628fe407-132e"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-includes/js/dist/i18n.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-includes/js/dist/i18n.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 04 Nov 2022 12:07:15 GMT
etag: W/"63650073-27f6"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-includes/js/jquery/ui/core.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-includes/js/jquery/ui/core.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 04 Nov 2022 12:07:15 GMT
etag: W/"63650073-53c0"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9a8f06c45fb084cb8eb909c4c1006790.css
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9a8f06c45fb084cb8eb909c4c1006790.css
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-9a8f06c45fb084cb8eb909c4c1006790.css HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 09:30:27 GMT
etag: W/"63c7bc33-f0508"
expires: Fri, 26 Jan 2024 22:20:58 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/themes/astra/assets/js/minified/style.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/themes/astra/assets/js/minified/style.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/js/minified/style.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 06 Dec 2022 21:11:07 GMT
etag: W/"638fafeb-289e"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/uploads/astra-addon/astra-addon-63c90cb1489e56-94670174.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/uploads/astra-addon/astra-addon-63c90cb1489e56-94670174.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/astra-addon/astra-addon-63c90cb1489e56-94670174.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 19 Jan 2023 09:26:09 GMT
etag: W/"63c90cb1-887f"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 09:25:37 GMT
etag: W/"63c7bb11-543c"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Jan 2023 21:23:37 GMT
etag: W/"63c711d9-8c1e"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Jan 2023 21:23:37 GMT
etag: W/"63c711d9-2fa6"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor/assets/js/frontend.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/elementor/assets/js/frontend.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Jan 2023 21:23:37 GMT
etag: W/"63c711d9-9f8a"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Jan 2023 21:23:37 GMT
etag: W/"63c711d9-1396"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 04 Nov 2022 12:07:15 GMT
etag: W/"63650073-459f"
expires: Fri, 26 Jan 2024 22:21:00 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
www.davideric.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
200 OK 0 B URL HTTP/2 www.davideric.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: www.davideric.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.davideric.com/
Cookie: _ga_6CKQT75EPV=GS1.1.1674790622.1.0.1674790622.0.0.0; _ga=GA1.1.214476869.1674790622
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 03:37:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Jan 2023 21:23:37 GMT
etag: W/"63c711d9-550"
expires: Fri, 26 Jan 2024 22:21:33 GMT
cache-control: max-age=31536000
x-cdn-c: static
content-encoding: gzip
x-sg-cdn: 1
x-proxy-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
X-Firefox-Spdy: h2
35.197.227.153
34.120.237.76
157.240.205.11
34.91.95.185
23.36.77.32
0.0.0.0