blog.david-anton.com/
82.165.101.27 301 Moved Permanently 162 B IP 82.165.101.27:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Sep 2022 05:10:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://blog.david-anton.com/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6648
Expires: Mon, 19 Sep 2022 07:01:50 GMT
Date: Mon, 19 Sep 2022 05:11:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 04:12:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GwzjJw4B2PxRZuj2O8Qk5lZlmaYnsuwCCczy3i97iwsl5rjvosZydg==
Age: 3504
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8V0iCqca1S0qNAWMCwv9sOfXrYEEGGOqdgXqQHVPxd01zqRx7OQKiQ==
age: 2149
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 360e7f705ded402057315d9100e7863c
7dfdde81985e75bdc3ac3ff1e773a70ba0a0ce71
2fec4e30bf05f6a76c57f78a416a1b7393c084f0abd38c008d565dc28e8c09d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FEC4E30BF05F6A76C57F78A416A1B7393C084F0ABD38C008D565DC28E8C09D0"
Last-Modified: Fri, 16 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 11:11:02 GMT
Date: Mon, 19 Sep 2022 05:11:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 05:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 06:00:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kkOBRzYNXZUk2T1ThpXK5khcWtXQzfxSnXBQuy-kCClc4kiPEHSxGw==
Age: 460
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5212
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:11:02 GMT
Last-Modified: Mon, 19 Sep 2022 03:44:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.253.52 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
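Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the body is 0 B, so these digests identify no content and match any empty file)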
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KL5H4oOpPrsCVQapClgC6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i9COpcOZMoDowot++C1IeveVjSo=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9365
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:11:04 GMT
Connection: keep-alive
blog.david-anton.com/
82.165.101.27 200 OK 13 kB IP 82.165.101.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51221)
Hash 293c6dd191da0ba1650f68d3bac6a8eb
6a0aab483dc60667eb2badd88d0c5bdbba1a7669
f26771d5e66b80fb6ccffabd116daac5cfda19383fb674a668c876ece2588e5c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:00 GMT
content-type: text/html; charset=UTF-8
content-length: 13279
x-ua-compatible: IE=edge
link: <https://blog.david-anton.com/wp-json/>; rel="https://api.w.org/"
set-cookie: -bsBiMKuf=tow.vgMAn7eYV; expires=Tue, 20-Sep-2022 05:10:59 GMT; Max-Age=86400; path=/; secure
set-cookie: TsBj_PQnDWSMKNhO=4KUVaQTXiC72l; expires=Tue, 20-Sep-2022 05:10:59 GMT; Max-Age=86400; path=/; secure
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:10:59 GMT
x-cache-status: MISS
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9365
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:11:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9365
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:11:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9365
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:11:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9365
Expires: Mon, 19 Sep 2022 07:47:09 GMT
Date: Mon, 19 Sep 2022 05:11:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcd68f4f4d0188a96a06b1793abf38e1
df40b195d24c1b58123c40f8b01294035c9076a5
6c8d53d76269c3f945cc28f3005bcdbbaf1a748a65a166db6c7161f382a47609
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3375
x-amzn-requestid: 4827cdf6-5641-44cd-a076-d8b29bb34ffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSyFO0IAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790de-45acc6fe6064eb3f23e4ea77;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cScYxWAyH0k8XDOCgN_1sTVufxBo0K5Dbp6_rYiIx3MBWZf_uUkyPQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:50:11 GMT
age: 26453
etag: "df40b195d24c1b58123c40f8b01294035c9076a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1976af26c5d4a671c8298bffafc90ce3
9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NdQpOGtyA7AxpmkvFf3K3IrkgSku9QQzQ4BvpoRfTv16Kj1Gr6n7oA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:07:31 GMT
age: 79413
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba617391-badf-49a7-8b58-f6b0e934e0f2.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba617391-badf-49a7-8b58-f6b0e934e0f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77b03ce2b3a9013719879589aec6f9d3
91391b256ed587b935247499c1450dd08a0df081
ae5752fc136df7a15d4d75fc4589b33177286ad52219125fbfc255d39039f68c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba617391-badf-49a7-8b58-f6b0e934e0f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7646
x-amzn-requestid: 2e786bb2-21ed-4df7-82ba-a62ec39b5d82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yj92PEi5oAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324a9c1-1ace3c2027cbb6b95cb575de;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 16:52:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lyMXGa6Hzrqc-9nHgx5ULcKCkO9703QvL2ky1aii9U4WIHUHU1yzfg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:29 GMT
age: 26255
etag: "91391b256ed587b935247499c1450dd08a0df081"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 26323
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04257e82bf07e6a862ce2d4bbdfc068f
7a462e8d05cd56531957436470a1814d982e282b
bbc0f0dd6244934098a0e8bfa34b8e07e8a424e309030c2f07d9e441b6f481ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F438ffa79-f423-4d90-8f37-4026c4546d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 710bed7d-62c4-4b48-b16c-c94f1a15c1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpLIkHlZoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326bf03-375d74b4344cb7db4036e2b2;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 06:47:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AD7jWfvJngdXmqOJlo6HiLCUEZG_mgVFVaos0hwSPYpLVsGFBik37Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 11:10:34 GMT
age: 64830
etag: "7a462e8d05cd56531957436470a1814d982e282b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70eaf97a-8ffa-4ca6-b5fd-5160d2e46b50.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70eaf97a-8ffa-4ca6-b5fd-5160d2e46b50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc30aa54bd83aca794c4b70b1b0bf934
81ed341fd14cc18a295ebff428a207127439cb92
0efb907719d4cfd7524043348550fb39addd8e4b16f866e3fd6e9b3be35b8f20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70eaf97a-8ffa-4ca6-b5fd-5160d2e46b50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6559
x-amzn-requestid: a1b19d40-e086-4fdc-b3a3-7d9ced591a97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOU5GnKoAMF6nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790eb-2e134a7048f6800f61defb78;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AesLN8aQ7nDePicOsyRUaQ9occYueZ847Gr9ON3J_EgMTiAVoOUxMw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:52 GMT
age: 26352
etag: "81ed341fd14cc18a295ebff428a207127439cb92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-1058630-21
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-1058630-21
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 4425b2533ea6e06f1dba6853b1a6464f
8346fd043e1a8d63f24f9fc397867ebb6a600c7c
6780a87570da937436315ce614cd11ea4acec858d27262a276bb1762e6cd8d04
GET /gtag/js?id=UA-1058630-21 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 05:11:04 GMT
expires: Mon, 19 Sep 2022 05:11:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42377
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_42661f2126c5821c455034d9e360b562.js?ver=3.28
82.165.101.27 200 OK 345 B URL HTTP/2 blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_42661f2126c5821c455034d9e360b562.js?ver=3.28
IP 82.165.101.27:0
File type ASCII text, with very long lines (317)
Hash 65812b5c9c6823e9f4720a3b9aa07c82
141d89427afc3ea5b2a6babb2f5ea27369527de5
eecd3affa358703ef69aa0c86a99ce9fd95233bf0babe11c990fa97a6bda9905
GET /wp-content/cache/autoptimize/js/autoptimize_single_42661f2126c5821c455034d9e360b562.js?ver=3.28 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
content-length: 345
x-accel-version: 0.01
last-modified: Wed, 31 Aug 2022 10:12:19 GMT
etag: "306-5e786bb68d5fc-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30672000, public, immutable
expires: Sat, 09 Sep 2023 05:11:01 GMT
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/themes/imagely/inc/side-panel/assets/js/main.min.js
82.165.101.27 200 OK 360 B URL HTTP/2 blog.david-anton.com/wp-content/themes/imagely/inc/side-panel/assets/js/main.min.js
IP 82.165.101.27:0
File type ASCII text, with very long lines (793)
Hash 1dc2aa6c0041e29dd8a9325898b61fa8
f2effe9c6e586f9203eab8332f416dd8d61921eb
10b8fe23bb9431b9fbc22eefb9a6d4f6de0eb76ff0f51b385e723f5df25cbd74
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/imagely/inc/side-panel/assets/js/main.min.js HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
content-length: 360
x-accel-version: 0.01
last-modified: Tue, 28 Dec 2021 18:19:23 GMT
etag: "33e-5d438dc55b982-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 05:11:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 0b40610b320551c4b78760dc53a9aef0
88b663e2505e806669bf172b6b5595ab6e11ac94
cca4a3c05f1017a2eda6cd6ca342f6308c2ed064df0cf725a178d95159e81b81
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 05:11:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 13:08:41 GMT
Expires: Sun, 25 Sep 2022 13:08:40 GMT
Etag: "88b663e2505e806669bf172b6b5595ab6e11ac94"
Cache-Control: max-age=546455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cfd18d5e169933-ARN
blog.david-anton.com/wp-content/cache/autoptimize/css/autoptimize_c48c38e06f091ed5554d3d5562236e33.css
82.165.101.27 200 OK 133 kB URL HTTP/2 blog.david-anton.com/wp-content/cache/autoptimize/css/autoptimize_c48c38e06f091ed5554d3d5562236e33.css
IP 82.165.101.27:0
File type ASCII text, with very long lines (43771)
Size 133 kB (133279 bytes)
Hash 11c177ff055c079eab710cb392292585
80509def4750c6b6d71deb5350a977e31e15ef78
809fd705b56498c3822248f127272ead720eaff50989d47a2b72f0855ffd52a0
GET /wp-content/cache/autoptimize/css/autoptimize_c48c38e06f091ed5554d3d5562236e33.css HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:00 GMT
content-type: text/css
last-modified: Wed, 31 Aug 2022 10:31:31 GMT
cache-control: max-age=30672000, public, immutable
expires: Sat, 09 Sep 2023 05:11:00 GMT
etag: W/"630f3883-5f7dd"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1200/https://blog.david-anton.com/wp-content/uploads/wpja-number.jpg
194.242.11.186 302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1200/https://blog.david-anton.com/wp-content/uploads/wpja-number.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_glossy,ret_img,w_1200/https://blog.david-anton.com/wp-content/uploads/wpja-number.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 19 Sep 2022 05:11:04 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://blog.david-anton.com/wp-content/uploads/wpja-number.jpg
server: BunnyCDN-NO-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 09/19/2022 05:11:04
cdn-tag: 0; Domain: blog.david-anton.com; 302
cdn-proxyver: 1.02
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 4955f80fc15fbc58c77b7ca86be3044c
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1280/https://blog.david-anton.com/wp-content/uploads/Hochzeitsfotograf-Offenburg-0005.jpg
194.242.11.186 302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1280/https://blog.david-anton.com/wp-content/uploads/Hochzeitsfotograf-Offenburg-0005.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_glossy,ret_img,w_1280/https://blog.david-anton.com/wp-content/uploads/Hochzeitsfotograf-Offenburg-0005.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 19 Sep 2022 05:11:04 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://blog.david-anton.com/wp-content/uploads/Hochzeitsfotograf-Offenburg-0005.jpg
server: BunnyCDN-NO-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 09/19/2022 05:11:04
cdn-tag: 0; Domain: blog.david-anton.com; 302
cdn-proxyver: 1.02
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 7f354f2ede3bf8980b1a3d3fb15bc232
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_500/https://blog.david-anton.com/wp-content/uploads/Obdachlose-Madrid.jpg
194.242.11.186 302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_500/https://blog.david-anton.com/wp-content/uploads/Obdachlose-Madrid.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_glossy,ret_img,w_500/https://blog.david-anton.com/wp-content/uploads/Obdachlose-Madrid.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 19 Sep 2022 05:11:04 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://blog.david-anton.com/wp-content/uploads/Obdachlose-Madrid.jpg
server: BunnyCDN-NO-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 09/19/2022 05:11:04
cdn-tag: 0; Domain: blog.david-anton.com; 302
cdn-proxyver: 1.02
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 253ccd851eae34ded97fb8c46ee28e1c
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1419/https://blog.david-anton.com/wp-content/uploads/Best-Hochzeitsfotos-2019.jpg
194.242.11.186 302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_1419/https://blog.david-anton.com/wp-content/uploads/Best-Hochzeitsfotos-2019.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_glossy,ret_img,w_1419/https://blog.david-anton.com/wp-content/uploads/Best-Hochzeitsfotos-2019.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 19 Sep 2022 05:11:04 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://blog.david-anton.com/wp-content/uploads/Best-Hochzeitsfotos-2019.jpg
server: BunnyCDN-NO-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 09/19/2022 05:11:04
cdn-tag: 0; Domain: blog.david-anton.com; 302
cdn-proxyver: 1.02
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: cacfe73be6ac6e2fd9a7809d7dc5be24
cdn-cache: MISS
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/uploads/wpja-number.jpg
82.165.101.27 200 OK 74 kB URL HTTP/2 blog.david-anton.com/wp-content/uploads/wpja-number.jpg
IP 82.165.101.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x484, components 3\012- data
Hash 195f9a10efa381cd70682ed518b887f8
90663968c53912207527907fd5740096c4f2970f
984e8316ae7cf6d741d90b7fc33763d409dd9174bcaa59b51438bd56cd3806f0
GET /wp-content/uploads/wpja-number.jpg HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blog.david-anton.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: image/jpeg
content-length: 74423
last-modified: Thu, 06 Feb 2020 09:40:59 GMT
cache-control: max-age=5184000
expires: Fri, 18 Nov 2022 05:11:01 GMT
etag: "5e3bdf2b-122b7"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/uploads/Hochzeitsfotograf-Offenburg-0005.jpg
82.165.101.27 200 OK 224 kB URL HTTP/2 blog.david-anton.com/wp-content/uploads/Hochzeitsfotograf-Offenburg-0005.jpg
IP 82.165.101.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, copyright=David Anton Asensio], baseline, precision 8, 1280x854, components 3\012- data
Size 224 kB (223975 bytes)
Hash d91a07ee1578064700da88c1a6d6cca6
079c34b5ae4ab125164feb935a92b8e1ef66c0e9
15bcf37e5c2c5cdf8a6a5fe02dc67e071d6da1f631526ad6dc12f7707b7455c8
GET /wp-content/uploads/Hochzeitsfotograf-Offenburg-0005.jpg HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blog.david-anton.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: image/jpeg
content-length: 223975
last-modified: Fri, 31 Dec 2021 10:56:10 GMT
cache-control: max-age=5184000
expires: Fri, 18 Nov 2022 05:11:01 GMT
etag: "61cee1ca-36ae7"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.min.js?ver=3.28
82.165.101.27 200 OK 106 kB URL HTTP/2 blog.david-anton.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.min.js?ver=3.28
IP 82.165.101.27:0
File type ASCII text, with very long lines (415)
Size 106 kB (105885 bytes)
Hash b4d9c261359732455742cc4cbe822d75
8dd566505b17e619218f670de08e398215fc0211
a50cbdd9c5f388db934a8994c8643c6f04d2735f80762219fcda3409ae73a9f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.min.js?ver=3.28 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 10:09:55 GMT
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
etag: W/"630f3373-a95"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/uploads/Best-Hochzeitsfotos-2019.jpg
82.165.101.27 200 OK 521 kB URL HTTP/2 blog.david-anton.com/wp-content/uploads/Best-Hochzeitsfotos-2019.jpg
IP 82.165.101.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1419x1844, components 3\012- data
Size 521 kB (520857 bytes)
Hash 00947a9be132fe12e94a6443e879a027
4354cc06e21c554dbc0e7de5231cf989012d5d95
a6a8f36a706fa8789ecac0168772f7a15470cb05b4e9f3d97d45060267ef5d4d
GET /wp-content/uploads/Best-Hochzeitsfotos-2019.jpg HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blog.david-anton.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: image/jpeg
content-length: 520857
last-modified: Sun, 22 Dec 2019 11:09:23 GMT
cache-control: max-age=5184000
expires: Fri, 18 Nov 2022 05:11:01 GMT
etag: "5dff4ee3-7f299"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56c7ab11d938ed864c4485cb58b1d01d
e0e02965d24f369040aab9d20c3f8279eb508cbc
34a71b2246a3942b43c423e2b5d7b2809a3b7e4882ccc3c0d720c1be8c091e57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A71B2246A3942B43C423E2B5D7B2809A3B7E4882CCC3C0D720C1BE8C091E57"
Last-Modified: Sat, 17 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Mon, 19 Sep 2022 11:10:33 GMT
Date: Mon, 19 Sep 2022 05:11:04 GMT
Connection: keep-alive
use.fontawesome.com/releases/v5.3.1/css/v4-shims.css?ver=6.0.2
172.67.169.247 200 OK 591 kB URL HTTP/2 use.fontawesome.com/releases/v5.3.1/css/v4-shims.css?ver=6.0.2
IP 172.67.169.247:0
File type ASCII text, with very long lines (26508)
Size 591 kB (590982 bytes)
Hash a9021f061cc9e470811ab9a766279c38
19043bd9efa7ff1cae408f5def100cd77166f1a0
948483ad7ce6685eb4e510f3c0d4451f2fe8726ee28229626771950d59507cf7
GET /releases/v5.3.1/css/v4-shims.css?ver=6.0.2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:11:04 GMT
content-type: text/css
x-amz-id-2: SoYzlRYJmwpYBVl5qZEhawkufZLGG8yJB/QNlhYTW2ahducSJEBFZURK754OCnQxiyy/tv2h0rk=
x-amz-request-id: G10T5ST3DRC3GCR9
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
etag: W/"25b2445e0c1838b110583405b3ec0177"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1646300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YGiCmRPjUaftYI6uoF5H%2F7CEOoQWo531FDQi%2Bea9pAE8HfTEUzfGQnQ2JvPIKPC9msgeK5%2FybFKjET3%2B5zlz87qPUu1rdeGCUUeNuMOJuPmjIiKvGdFK2r5FSvigTOnxbk9Ub3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfd18d69a1dcef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blog.david-anton.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
82.165.101.27 200 OK 27 kB URL HTTP/2 blog.david-anton.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 82.165.101.27:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash a88307d0e3775d383cff184d5f3bbbbf
6ebf57a8c14da1edb652aa5fa4cf579e490d0b70
7af893a3bb181d5c4c44cc4dccb95fc9efa7fca00f3f85da0b458e0f1e13540e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 10:11:31 GMT
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
etag: W/"630f33d3-4ac6"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_32,h_32/https://blog.david-anton.com/wp-content/uploads/cropped-favicon-32x32.png
194.242.11.186 302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_32,h_32/https://blog.david-anton.com/wp-content/uploads/cropped-favicon-32x32.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_glossy,ret_img,w_32,h_32/https://blog.david-anton.com/wp-content/uploads/cropped-favicon-32x32.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 19 Sep 2022 05:11:05 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://blog.david-anton.com/wp-content/uploads/cropped-favicon-32x32.png
server: BunnyCDN-NO-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 09/19/2022 05:11:05
cdn-tag: 0; Domain: blog.david-anton.com; 302
cdn-proxyver: 1.02
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 592429f1444e603815f0d0d74ea2776b
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_192,h_192/https://blog.david-anton.com/wp-content/uploads/cropped-favicon-192x192.png
194.242.11.186 302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_192,h_192/https://blog.david-anton.com/wp-content/uploads/cropped-favicon-192x192.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_glossy,ret_img,w_192,h_192/https://blog.david-anton.com/wp-content/uploads/cropped-favicon-192x192.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 19 Sep 2022 05:11:05 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://blog.david-anton.com/wp-content/uploads/cropped-favicon-192x192.png
server: BunnyCDN-NO-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 09/19/2022 05:11:05
cdn-tag: 0; Domain: blog.david-anton.com; 302
cdn-proxyver: 1.02
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 341db68d3ced910d4da6229392a58a3b
cdn-cache: MISS
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/uploads/cropped-favicon-32x32.png
82.165.101.27 200 OK 947 B URL HTTP/2 blog.david-anton.com/wp-content/uploads/cropped-favicon-32x32.png
IP 82.165.101.27:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 084f979506c42d6a7b9b6d0277aa674a
3d278950ef32dd7aa762a42e5d3ebc10f134c761
6389891f3abd3f417fa4ab0fe511b546e9bdc8d9ff13d1235a0c3e5280dd011f
GET /wp-content/uploads/cropped-favicon-32x32.png HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blog.david-anton.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: image/png
content-length: 947
x-accel-version: 0.01
last-modified: Fri, 30 Nov 2018 11:36:33 GMT
etag: "3b3-57be0360ea6e5"
cache-control: max-age=5184000
expires: Fri, 18 Nov 2022 05:11:01 GMT
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/uploads/cropped-favicon-192x192.png
82.165.101.27 200 OK 4.6 kB URL HTTP/2 blog.david-anton.com/wp-content/uploads/cropped-favicon-192x192.png
IP 82.165.101.27:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 144036e0d7cfec77fa7664c3da50592c
d061ed6a781c7ed88b8716bb5ad7b4aed430c10a
a11b9c000a767fefe675115e92a3f6b051677fd0aaa7b89119be37448484cbfa
GET /wp-content/uploads/cropped-favicon-192x192.png HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blog.david-anton.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: image/png
content-length: 4639
last-modified: Fri, 30 Nov 2018 11:36:33 GMT
cache-control: max-age=5184000
expires: Fri, 18 Nov 2022 05:11:01 GMT
etag: "5c0120c1-121f"
x-cache-status: MISS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-MGRL7TWHZV&gtm=2oe9e0&_p=1418338147&gdid=dZTNiMT&cid=458468010.1663564246&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663564245&sct=1&seg=0&dl=https%3A%2F%2Fblog.david-anton.com%2F&dt=Hochzeitsfotograf%20Karlsruhe&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-MGRL7TWHZV&gtm=2oe9e0&_p=1418338147&gdid=dZTNiMT&cid=458468010.1663564246&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663564245&sct=1&seg=0&dl=https%3A%2F%2Fblog.david-anton.com%2F&dt=Hochzeitsfotograf%20Karlsruhe&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-MGRL7TWHZV&gtm=2oe9e0&_p=1418338147&gdid=dZTNiMT&cid=458468010.1663564246&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663564245&sct=1&seg=0&dl=https%3A%2F%2Fblog.david-anton.com%2F&dt=Hochzeitsfotograf%20Karlsruhe&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.david-anton.com
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://blog.david-anton.com
date: Mon, 19 Sep 2022 05:11:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blog.david-anton.com/page/2/
82.165.101.27 200 OK 13 kB URL HTTP/2 blog.david-anton.com/page/2/
IP 82.165.101.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (48666)
Hash 020fa1ab9e0452de8957e58129822b29
4fe4dc12fcbc82a32fa0155cbb009e9228c559ee
ec027fab5d502b273081a6faa9e0d132d114fe0f185eb5011d16a669d2b5bc67
Analyzer Verdict Alert fortinet Phishing
GET /page/2/ HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l; _ga_MGRL7TWHZV=GS1.1.1663564245.1.0.1663564245.0.0.0; _ga=GA1.2.458468010.1663564246; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; _gid=GA1.2.816455249.1663564246; _gat_gtag_UA_1058630_21=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:03 GMT
content-type: text/html; charset=UTF-8
content-length: 12675
x-ua-compatible: IE=edge
link: <https://blog.david-anton.com/wp-json/>; rel="https://api.w.org/"
set-cookie: -bsBiMKuf=tow.vgMAn7eYV; expires=Tue, 20-Sep-2022 05:11:02 GMT; Max-Age=86400; path=/; secure
set-cookie: TsBj_PQnDWSMKNhO=4KUVaQTXiC72l; expires=Tue, 20-Sep-2022 05:11:02 GMT; Max-Age=86400; path=/; secure
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
x-cache-status: BYPASS
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 8af37b3f-bacb-4f13-a539-0a8a1e2c7fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_VHdooAMF8cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279061-083f90a5264568d85ce86e5a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tPeWvkV7t7BSrnTA0G2Sf_KmuH5M4azBRhaeNuuaeiOW7zB4RhM_mw==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:50 GMT
age: 26361
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blog.david-anton.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 82.165.101.27:0
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 10:11:31 GMT
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
etag: W/"630f33d3-194b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.3.1/js/all.js?ver=5.3.1
172.67.169.247 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.3.1/js/all.js?ver=5.3.1
IP 172.67.169.247:0
GET /releases/v5.3.1/js/all.js?ver=5.3.1 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.david-anton.com
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:11:05 GMT
content-type: application/javascript
x-amz-id-2: nGq1zOF6Dngpbub95BIjM7LdyximZSwsxpEBSG7lvee5QM7amdKK55ZmHQ+9TudUDeCxBKqWmrU=
x-amz-request-id: A2J3EY5HE00RCPS8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
etag: W/"d0482db440697a659af4980d2e841891"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9x3cnbPA8kBEFhTR8kJoQEMuyThjwjwyY%2B3SvGLsDn%2Fp9YWaFMX0DdbFgoNjI%2F5iViBceghrwTHUuA7VTzKT1XBQ7g%2BYbz%2FD%2FEhZXuOz3kVHNUaKGW9NKsU1mB8p1v8bb37RnzKS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74cfd18d6957dcab-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blog.david-anton.com/wp-includes/css/dashicons.min.css?ver=6.0.2
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 82.165.101.27:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: text/css
last-modified: Tue, 28 Dec 2021 18:21:44 GMT
cache-control: max-age=5184000
expires: Fri, 18 Nov 2022 05:11:01 GMT
etag: W/"61cb55b8-e688"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.3.1/js/v4-shims.js?ver=5.3.1
172.67.169.247 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.3.1/js/v4-shims.js?ver=5.3.1
IP 172.67.169.247:0
GET /releases/v5.3.1/js/v4-shims.js?ver=5.3.1 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 05:11:04 GMT
content-type: application/javascript
x-amz-id-2: tUf1p5HZhfZZNZasVIKTP381zYR3AHcKpt5rjul0giJyctEwrw2J/LDRAFmj1PtlS6vpTJU/ME4=
x-amz-request-id: 0R8GPEQYZG505BFN
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
etag: W/"ee849cdefc4ea73142659f04402a1a99"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1646314
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvFgn5r80agXVMzXSMsbAk0DvAgDg%2FNVAVVViUFgCoC0rrtaivhYdX9DaRZ4GCPk55u%2FMCZe5dhqQwjL92R6f9Zyd6PI6DefxSlsIpDmeyrKCAVhcIJ5ecrp876%2F%2FmRm5X3gdElw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74cfd18d699edcef-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blog.david-anton.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 82.165.101.27:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 18:21:44 GMT
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
etag: W/"61cb55b8-2bd8"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_ae0f40d4f21faa4c3ae5e3ec85853384.js?ver=5.6.2
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_ae0f40d4f21faa4c3ae5e3ec85853384.js?ver=5.6.2
IP 82.165.101.27:0
GET /wp-content/cache/autoptimize/js/autoptimize_single_ae0f40d4f21faa4c3ae5e3ec85853384.js?ver=5.6.2 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 10:12:19 GMT
cache-control: max-age=30672000, public, immutable
expires: Sat, 09 Sep 2023 05:11:01 GMT
etag: W/"630f3403-5591"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.david-anton.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 82.165.101.27:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 18:21:44 GMT
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
etag: W/"61cb55b8-15db1"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_dffa195b546cf1dfd52f2206955eb892.js?ver=2.1.2
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_dffa195b546cf1dfd52f2206955eb892.js?ver=2.1.2
IP 82.165.101.27:0
GET /wp-content/cache/autoptimize/js/autoptimize_single_dffa195b546cf1dfd52f2206955eb892.js?ver=2.1.2 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 10:12:19 GMT
cache-control: max-age=30672000, public, immutable
expires: Sat, 09 Sep 2023 05:11:01 GMT
etag: W/"630f3403-6c14"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_c9ecd41de2bf0fcc902760f68c2ef6a4.js?ver=3.28
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-content/cache/autoptimize/js/autoptimize_single_c9ecd41de2bf0fcc902760f68c2ef6a4.js?ver=3.28
IP 82.165.101.27:0
GET /wp-content/cache/autoptimize/js/autoptimize_single_c9ecd41de2bf0fcc902760f68c2ef6a4.js?ver=3.28 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 10:12:19 GMT
cache-control: max-age=30672000, public, immutable
expires: Sat, 09 Sep 2023 05:11:01 GMT
etag: W/"630f3403-e49"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.david-anton.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 82.165.101.27:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 18:21:44 GMT
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
etag: W/"61cb55b8-15fd"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
blog.david-anton.com/wp-content/themes/imagely/assets/js/main.min.js?ver=2.0.0
82.165.101.27 200 OK 0 B URL HTTP/2 blog.david-anton.com/wp-content/themes/imagely/assets/js/main.min.js?ver=2.0.0
IP 82.165.101.27:0
GET /wp-content/themes/imagely/assets/js/main.min.js?ver=2.0.0 HTTP/1.1
Host: blog.david-anton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.david-anton.com/
Cookie: -bsBiMKuf=tow.vgMAn7eYV; TsBj_PQnDWSMKNhO=4KUVaQTXiC72l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 05:11:01 GMT
content-type: application/javascript
last-modified: Tue, 28 Dec 2021 18:19:23 GMT
cache-control: max-age=172800
expires: Wed, 21 Sep 2022 05:11:01 GMT
etag: W/"61cb552b-f731"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2