www.erkers.com/
34.66.21.183301 Moved Permanently 162 B IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 14:05:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://www.erkers.com/
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3693
Expires: Fri, 09 Dec 2022 15:07:31 GMT
Date: Fri, 09 Dec 2022 14:05:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7222
Expires: Fri, 09 Dec 2022 16:06:20 GMT
Date: Fri, 09 Dec 2022 14:05:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 13:08:18 GMT
content-type: application/json
age: 3460
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6993
Expires: Fri, 09 Dec 2022 16:02:31 GMT
Date: Fri, 09 Dec 2022 14:05:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: o457G29v5nyix/rMYjOqoTuR4ltxj3MfZ95TdYYLgyCJEmtww57X9lg0inAtA0010ibp0J2pr80=
x-amz-request-id: 51RF6AYCJPHY2ZN4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 13:48:21 GMT
age: 1057
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 13:33:13 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 1966
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 808
Cache-Control: max-age=155664
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:05:59 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:20:23 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
cdn.jsdelivr.net/jquery.slick/1.4.1/slick.min.js
151.101.193.229200 OK 8.1 kB URL HTTP/2 cdn.jsdelivr.net/jquery.slick/1.4.1/slick.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (32254)
Hash ec5216ac5bfbd66ebc5a76ae9619b4c3
4295a353fa2fdaa61d8254ffdc773313d367237f
148b7ab5ed754eefb526b2520dfbbcf689e1eb50d54a9f9cb19bfa385a48fbff
GET /jquery.slick/1.4.1/slick.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"820d-xiWXe6kGZgvjdX2DHWRmyeJBE98"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 14:05:59 GMT
age: 727736
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8139
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:05:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.erkers.com/wp-content/cache/wmac/css/wmac_single_dd1ec01d8bdc08921f8f3f5db6defa68.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/cache/wmac/css/wmac_single_dd1ec01d8bdc08921f8f3f5db6defa68.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/cache/wmac/css/wmac_single_dd1ec01d8bdc08921f8f3f5db6defa68.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
content-length: 0
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: "6360028c-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash e3c75c96c81d79aedfd33c8b0a69f3f0
cc70127e60a507fbfd6ca20a7b3de8d09453aa97
c6a43419a981bec2c76a91cb9b865904f47b59c232a61629fbd412489f33c7b5
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 14:05:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "72A0015CB8F97B8A5883F755D38032F16E4FA21C"
Expires: Sat, 10 Dec 2022 00:00:00 GMT
Last-Modified: Fri, 09 Dec 2022 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3599
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776e4c7ec9930b51-OSL
www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
content-length: 0
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: "636c8474-0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:05:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jQ/umqh+TAcIuGK4iThiXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zr8Bza3JbtTq4YTKH4yqx4ZUaQA=
www.erkers.com/wp-content/uploads/2021/08/erkers-logo-1280x552.png
34.66.21.183200 OK 100 kB URL HTTP/2 www.erkers.com/wp-content/uploads/2021/08/erkers-logo-1280x552.png
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 1280 x 552, 8-bit gray+alpha, non-interlaced\012- data
Hash 90461e2ba4cda6345a8ba238dcd69693
28e96d4c44546b8ed333b632952319800650fef5
67ffb32efb67e68246ebf8fbbe59579de68221457d34d9f8a318d3eb8e1205e6
GET /wp-content/uploads/2021/08/erkers-logo-1280x552.png HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: image/png
content-length: 99562
last-modified: Tue, 24 Aug 2021 14:39:11 GMT
etag: "6125048f-184ea"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_single_8128c614627bc084aca31bb3bfa604f4.js?defer&generated=1670231264
34.66.21.183200 OK 18 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_single_8128c614627bc084aca31bb3bfa604f4.js?defer&generated=1670231264
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 886bc4f091927580d909ca781bee0ea7
303515ef416c1c13924c2fcf425fee6f09435039
159e6990244875233d71bad53c0138c4a02ed9c42b9a37295f8d2df329b4d7e3
GET /wp-content/cache/wmac/js/wmac_single_8128c614627bc084aca31bb3bfa604f4.js?defer&generated=1670231264 HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 09:07:45 GMT
etag: W/"638db4e1-11052"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/css/wmac_single_169125baaa47ee22bc9008645ef2325b.css
34.66.21.183200 OK 3.6 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/css/wmac_single_169125baaa47ee22bc9008645ef2325b.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (15769), with no line terminators
Hash d7e7b9a86f9a59bd85f17eb8b379c1ac
b723c67cb0f1719df7491444dfc2c53abfbdffd8
dc4f31af6ec45cbfcbcf35584e9cc94be0670884e6b73083a69a06e58dcc4b23
GET /wp-content/cache/wmac/css/wmac_single_169125baaa47ee22bc9008645ef2325b.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 05 Dec 2022 09:07:45 GMT
etag: W/"638db4e1-3d99"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js
34.66.21.183200 OK 80 kB URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (6847)
Hash 41ea29bf0312a09acdee92a4d3d63790
870efa1301d725e2f9c004386e4a2f5de488f67b
69362c8d8dfd77680e198587c44d4af2b09012cf06595f7fab18dcd38e8263b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-1adc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/clearfy/assets/js/css-lazy-load.min.js
34.66.21.183200 OK 2.2 kB URL HTTP/2 www.erkers.com/wp-content/plugins/clearfy/assets/js/css-lazy-load.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (3251), with no line terminators
Hash 62e854be456c76565f55408ec3aced1f
523895559cef4f2fe5e4655ee3cd997597878db1
ffae2e8a4142f8ae3bbdb79ad9f8e21ec39db955901719187a1f097096a2e2e3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/clearfy/assets/js/css-lazy-load.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 16 Nov 2022 11:41:24 GMT
etag: W/"6374cc64-cb3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
34.66.21.183200 OK 3.0 kB URL HTTP/2 www.erkers.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (6475), with no line terminators
Hash b52d26c3bca17f4bc721d59c8fe0dbe1
f7a1ce3de8021dac1e8f84d7416d4fdec5a908e1
d2c2cd48f12489d919a19b6c333e3e94d24214a0bdbda6306833341cb667e728
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-194b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css
34.66.21.183200 OK 838 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/legacy/css/formreset.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (3860), with no line terminators
Hash 656948faf47e0da603ab400f4409dc0e
8e8b66977ea06b130b3596a055ef21551b19f20c
84ef84ebe97c48c291b37f31c0c6c245133c69b103f688e6ccbf2aef9d616d66
GET /wp-content/plugins/gravityforms/legacy/css/formreset.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-f14"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/css/wmac_single_eafc45ed3a268adc8e55fdf91ed1a263.css
34.66.21.183200 OK 1.4 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/css/wmac_single_eafc45ed3a268adc8e55fdf91ed1a263.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (18364), with no line terminators
Hash 17a4c3d6b0521c6a4abe143abe06e185
30faab1c708ce98ed784f39f593b29441835e3f6
79cf5aafe3beb822e919d26bb35e232637d03ae5daeecdf891732a33071f1e48
GET /wp-content/cache/wmac/css/wmac_single_eafc45ed3a268adc8e55fdf91ed1a263.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: W/"6360028c-47bc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/css/wmac_single_4c8f7e028524f26f6a803d4028e63e70.css
34.66.21.183200 OK 26 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/css/wmac_single_4c8f7e028524f26f6a803d4028e63e70.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (3269), with no line terminators
Hash 3299b183840bfa4c5b93e0c0ac3b53b7
d4831b7c3189336fecbdd4e1f15f4bd1d37b0fde
472bb79b59e9d656fe70335cf3c2befae1dd308cc8569e73c924ba4de349c191
GET /wp-content/cache/wmac/css/wmac_single_4c8f7e028524f26f6a803d4028e63e70.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: W/"6360028c-cc5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css
34.66.21.183200 OK 20 kB URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/legacy/css/browsers.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (8213), with no line terminators
Hash ec1c684b69c0f1fb9d4b816805c073eb
17e07d42f6bdc57f8cb1c9054f9d941c707c4e3d
9f9a2499b673eda4dc23491777343a7b0cad109237c68f402e2248f581aca5ad
GET /wp-content/plugins/gravityforms/legacy/css/browsers.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-2015"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js
34.66.21.183200 OK 9.9 kB URL HTTP/2 www.erkers.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (1191), with no line terminators
Hash 3c1c31c7f1563c76c697cf737d694087
64b9977e0203542908dcf0bb22e9dbb07a7e4f7f
ba043201fc2d5ea78313a8a8be80735f3f15ecb52c50bc8d7d72abba4d4e8ae0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: W/"625095f6-4a7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/themes/Divi/style-static.min.css
34.66.21.183200 OK 106 kB URL HTTP/2 www.erkers.com/wp-content/themes/Divi/style-static.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65192)
Size 106 kB (105655 bytes)
Hash ed73d9eea85c64ed30951795e3a50155
6b6e603fb079581eb56e7293f660737196108f93
2e6944adbc45b38c3dbffcc6946fa164f2e477f3b65c3378fc5405cc129301c9
GET /wp-content/themes/Divi/style-static.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 30 Nov 2022 04:52:31 GMT
etag: W/"6386e18f-c9550"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/jquery/jquery-migrate.min.js
34.66.21.183200 OK 30 kB URL HTTP/2 www.erkers.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (11126)
Hash 84fc9c15eee7dd9faa7296b16d121357
03c0032055279fea3f19f3ae01d334535229735d
71c0eeb3aab9602631cee0e055f714b80beed82307e198726298111b0e52ab13
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/jquery/ui/core.min.js
34.66.21.183200 OK 7.8 kB URL HTTP/2 www.erkers.com/wp-includes/js/jquery/ui/core.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 2ed6341a54c54fb7ab76820d4bfe456f
77fcc9a87ffde4a19f29045315f6ccfafd512daf
e832ceeb1f8979f544b624e6f971b3f8c386a1294b1aadd3d39784f1311f6bad
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-53c0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_single_d71b75b2327258b1d01d50590c1f67ca.js
34.66.21.183200 OK 3.4 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_single_d71b75b2327258b1d01d50590c1f67ca.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2285)
Hash ca73b5845a6d1e8c386021d102301460
681f87f2a3d7d9424f0497e65ef75f581bb8f4ce
61208fb4e90e65fe24b80852f6e68c01980aebd4a94513fca647c47e3a685fcd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wmac/js/wmac_single_d71b75b2327258b1d01d50590c1f67ca.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: W/"6360028c-c3d"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_single_271c8dc2588d7849e852b3b9f237f603.js
34.66.21.183200 OK 95 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_single_271c8dc2588d7849e852b3b9f237f603.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (4352), with no line terminators
Hash cf275755ca433194927cfe1b731a60ce
6143eeb77df753b7c8b32a307629ffe0aef1e141
77a4e82e8376ffcbf8c51db7f3ca92e4ba1088c0e00fafa2060d6bdfdfedc88f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wmac/js/wmac_single_271c8dc2588d7849e852b3b9f237f603.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 27 Nov 2022 18:00:01 GMT
etag: W/"6383a5a1-1100"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/uploads/2020/10/1_03.jpg
34.66.21.183200 OK 110 kB URL HTTP/2 www.erkers.com/wp-content/uploads/2020/10/1_03.jpg
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x862, components 3\012- data
Size 110 kB (110056 bytes)
Hash 1401afb732cf9c36e243fb5b1c3b800c
247b91d545b3be949877b51bd860c5c46aad89fb
de4f5e220d6381b318e20425618ca0def42948352f42a062c161d9c1c7e9f56e
GET /wp-content/uploads/2020/10/1_03.jpg HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: image/jpeg
content-length: 110056
last-modified: Fri, 19 Feb 2021 19:10:05 GMT
etag: "60300d0d-1ade8"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 00ea42401b1657f0568c00107eb8e6f3
2ae1e559b003d7cabe11c77a509f6f450644d6df
7367627b43542b0320baff0453d08df8956cd703d9aabbbd6b523ba64b37399b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4700
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:00 GMT
Last-Modified: Fri, 09 Dec 2022 12:47:40 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
www.erkers.com/wp-content/plugins/gravityforms/js/gravityforms.min.js
34.66.21.183200 OK 84 kB URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/js/gravityforms.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (46435), with no line terminators
Hash 4b09f6076b4676ad443db42410967761
d1a3a44e3215f98acd5aec52edb59224c91ae08b
7b7cd3eee584a07bd0629e3177516fa917c97999050d5e014c74d4dae619f0c7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/gravityforms.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-b563"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/uploads/2020/10/3_02.jpg
34.66.21.183200 OK 70 kB URL HTTP/2 www.erkers.com/wp-content/uploads/2020/10/3_02.jpg
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x726, components 3\012- data
Hash 0e19b4bc5f1a8f3a0d15d2cc6138fd2a
1a8fe53a149a28a7e8ef895e7d5148ebafd5b306
9c6aaf3257103cc4857be5186cda1a3fa86fd5017df203fa1d551a32031f061b
GET /wp-content/uploads/2020/10/3_02.jpg HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: image/jpeg
content-length: 69512
last-modified: Fri, 19 Feb 2021 19:10:17 GMT
etag: "60300d19-10f88"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
komito.net/komito.js
104.21.59.183200 OK 6.6 kB IP 104.21.59.183:0
File type ASCII text, with very long lines (6934)
Hash d5c1b8efcc51615ebcc1e48c3bf57ed0
2ec064251b3ed07473b002aff95d3dbf73d31f88
4dff90d5b7ac99037c01a3fc9240615b669122f1a766127d2fa8c7a294377ab8
GET /komito.js HTTP/1.1
Host: komito.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=16070400
cf-bgj: minify
cf-polished: origSize=13993
access-control-allow-origin: *
age: 536
etag: W/"63825fb4-36a9"
expires: Thu, 08 Dec 2022 19:16:40 GMT
last-modified: Sat, 26 Nov 2022 18:49:24 GMT
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-fastly-request-id: f615dceff846dd41332e85959876ba56fc62524c
x-github-request-id: 87F6:6F7D:155CA66:1EA8E12:63826005
x-origin-cache: HIT
x-proxy-cache: HIT
x-served-by: cache-bma1635-BMA
x-timer: S1669489132.383490,VS0,VE1
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FdaBgOTw8FoL53WtO5JtnwJcDqxc75RsmRaMJoHPFYSYT6VAOoIc%2BUEnFGLAteRMcx3u5QqtZQU3X63kzxP0nGCGZm6ucL2MGmVSaasr61uCuD0Gy6krocwgJUo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 776e4c84bb02b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d12465.686442436812!2d-90.388764!3d38.639185!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xa7908de908b9f10c!2sErker%27s%20Eyewear!5e0!3m2!1sen!2sph!4v1603229734588!5m2!1sen!2sph
216.58.207.228200 OK 1.8 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d12465.686442436812!2d-90.388764!3d38.639185!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xa7908de908b9f10c!2sErker%27s%20Eyewear!5e0!3m2!1sen!2sph!4v1603229734588!5m2!1sen!2sph
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3600)
Hash f8ce46ed55e388eea6c3aeed282d7bc7
03d9ea9b42ec64a4562abf606c261b951392d66a
86e06548a35c038fd0cfec605298e258c55c85e57298b0f0efe718decd081b89
GET /maps/embed?pb=!1m14!1m8!1m3!1d12465.686442436812!2d-90.388764!3d38.639185!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xa7908de908b9f10c!2sErker%27s%20Eyewear!5e0!3m2!1sen!2sph!4v1603229734588!5m2!1sen!2sph HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 14:06:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ILbZTusnmU4lUgwm0FVobw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1782
x-xss-protection: 0
server-timing: gfet4t7; dur=175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/2022-12-07/widget_app_base_1670431810099.js
185.76.9.22200 OK 38 kB URL HTTP/2 cdn.userway.org/widgetapp/2022-12-07/widget_app_base_1670431810099.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
Hash 7160b13474fdc3c92749994ae65810ce
ac835ead1d986993224aa94dea726177f9e33dfb
607cebf42771790dfe31b8e12466d7eab8c01ee7a1d202c639f13e71e2b7b8f7
GET /widgetapp/2022-12-07/widget_app_base_1670431810099.js HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Wed, 07 Dec 2022 16:52:53 GMT
etag: W/"a9f1c7d7780cd7a28c608b7254f7af53"
cache-control: max-age=25920000, public
vary: Accept-Encoding
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qJNgDJ7ngdm7nJ5gFGl5QMN7P78jKNnkvOT5qrvDdaBPwuOFwDHPMg==
age: 91
x-accel-expires: @1696352165
server: CDN77-Turbo
x-77-nzt: AblMCRT7sUH/I3sCAA
x-77-nzt-ray: af585630b8ee5d77c84093632ea8dc11
x-cache: HIT
x-age: 162595
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.userway.org/widget.js
185.76.9.22200 OK 73 kB URL HTTP/2 cdn.userway.org/widget.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
Hash 93ad61054109a597982fc1381e07a1ef
659d847fb6a5383003dc742dfc8c055bb32cb7db
c7587733a438a2ddcae67bfac6b12762d8e652911833bc6194b7b221db770931
GET /widget.js HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Wed, 07 Dec 2022 16:52:56 GMT
etag: W/"8794e6def696372210802b66339a52c7"
cache-control: max-age=3600, public
vary: Accept-Encoding
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BmvtYlpGDaWSt3UUAcf4VwzDfaDqiRgE_kUgWgULYWy7V3qCh292aA==
age: 797
x-accel-expires: @1670595456
server: CDN77-Turbo
x-77-nzt: AblMCRSRZi7/WAsAAA
x-77-nzt-ray: af585630b8ee5d77c84093631132940f
x-cache: HIT
x-age: 2904
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/css/wmac_single_9ff444ede16923e0a817eced59bcd359.css
34.66.21.183200 OK 125 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/css/wmac_single_9ff444ede16923e0a817eced59bcd359.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (523), with no line terminators
Size 125 kB (125037 bytes)
Hash 4304c801a31fd88088f919f484f9589f
1ff6a9753767ea33718e9644192a3595bd54cda6
5511457bdf0cb4a411a944c63ac434ee8fc0285bdda532000cba42138c4b8000
GET /wp-content/cache/wmac/css/wmac_single_9ff444ede16923e0a817eced59bcd359.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: W/"6360028c-20b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e04874d48461b3a37de6de2b1a2b70e9
0ed78525281955b0a50d5b3dbba35a394adc188e
bd2e7d8e45cf4e46cf57ebc104285c4caeb3f77bbb3e9e09a9f04c04669f81f6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 21
Cache-Control: max-age=165674
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:00 GMT
Etag: "639324dd-117"
Expires: Sun, 11 Dec 2022 12:07:14 GMT
Last-Modified: Fri, 09 Dec 2022 12:06:53 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4993
Expires: Fri, 09 Dec 2022 15:29:13 GMT
Date: Fri, 09 Dec 2022 14:06:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4993
Expires: Fri, 09 Dec 2022 15:29:13 GMT
Date: Fri, 09 Dec 2022 14:06:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4993
Expires: Fri, 09 Dec 2022 15:29:13 GMT
Date: Fri, 09 Dec 2022 14:06:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4993
Expires: Fri, 09 Dec 2022 15:29:13 GMT
Date: Fri, 09 Dec 2022 14:06:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 24765
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 58476
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 37654
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 33585
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 24721
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 06:08:38 GMT
age: 28642
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 797de6464a7d717aafb13fb4f8c81955
a4e0afc25ff758327b14f37c7f89f36d3306bfa1
45d986442b46cf769a977e8f9fb16eb6f508e5a12290989b5967cc0249534359
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159926
Date: Fri, 09 Dec 2022 14:06:00 GMT
Etag: "6392f94e-1d7"
Expires: Sun, 11 Dec 2022 10:31:26 GMT
Last-Modified: Fri, 09 Dec 2022 09:01:02 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wd52U3FeisqeoDAaJS6-eA3biFU0rd4asq8-fXOPQpxy3E8v9V0DpA==
Age: 5424
www.google-analytics.com/u/analytics_debug.js
216.58.207.206200 OK 25 kB URL HTTP/2 www.google-analytics.com/u/analytics_debug.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1802)
Hash 6eedfa1e32e17d82663c4265a37af349
1a3f3db13bc460e2744962f06a7362fa6d05e6b3
d694efb4129704e0582111e065bd06758cf0ec57d3f563b5c8ca091a4645324f
GET /u/analytics_debug.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 25386
date: Fri, 09 Dec 2022 13:35:21 GMT
expires: Fri, 09 Dec 2022 15:35:21 GMT
cache-control: public, max-age=7200
age: 1839
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_d41d8cd98f00b204e9800998ecf8427e.js
34.66.21.183200 OK 1.3 kB URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_d41d8cd98f00b204e9800998ecf8427e.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (2237), with no line terminators
Hash 953b18201d2d8c43a2a22575170ab726
76091ad3f50fb12a668fa5754669ab64588588ea
6e7b066fd4d608e5dc9deeb15cdede848dcfcdc88135c53e22baaa6ac1ab4542
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wmac/js/wmac_d41d8cd98f00b204e9800998ecf8427e.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: W/"6360028c-8bd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3994
Cache-Control: max-age=98740
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:00 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:31:40 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/gtm/optimize.js?id=GTM-NPNGP9D
216.58.207.206200 OK 45 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-NPNGP9D
IP 216.58.207.206:0
File type ASCII text, with very long lines (1921)
Hash 461c04e34290fd9cced7100f3303d390
2216699c2c27f0b20c5bf6ce63509c46b450deea
ebe97b381dd553bc98b9aac9d259950f3a548a609e7ff08611642ccb314c0ca3
GET /gtm/optimize.js?id=GTM-NPNGP9D HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 14:06:00 GMT
expires: Fri, 09 Dec 2022 14:06:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/631768234/?random=1670594759433&cv=11&fst=1670594759433&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.erkers.com%2F&tiba=Finest%20Eye%20Care%20Services%20in%20St.%20Louis%20%7C%20Erker%E2%80%99s%20Fine%20Eyewear&rfmt=3&fmt=4
142.250.74.34200 OK 897 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/631768234/?random=1670594759433&cv=11&fst=1670594759433&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.erkers.com%2F&tiba=Finest%20Eye%20Care%20Services%20in%20St.%20Louis%20%7C%20Erker%E2%80%99s%20Fine%20Eyewear&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1915), with no line terminators
Hash dc0cf210ac074eab5ac3592b740523ec
aa7a02d00b7708bd04d1dce72c4651b1b543fb1b
557ebc8bdb23a1a1af133d8918020e52b1aba7dea151033181f769d8ee7ecdc6
GET /pagead/viewthroughconversion/631768234/?random=1670594759433&cv=11&fst=1670594759433&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.erkers.com%2F&tiba=Finest%20Eye%20Care%20Services%20in%20St.%20Louis%20%7C%20Erker%E2%80%99s%20Fine%20Eyewear&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 14:06:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 897
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 14:21:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LEAt/9nYweRN5qUdcQ8GVhxGrI2coWg+o5naCeONHYJpcpTFsM1L6FkajoMMN/SBZAnW3BqM7A7LYMoCcia2Og==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 14:06:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.erkers.com/wp-content/uploads/2020/08/cropped-fav-icon-192x192.jpg
34.66.21.183200 OK 5.7 kB URL HTTP/2 www.erkers.com/wp-content/uploads/2020/08/cropped-fav-icon-192x192.jpg
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 1\012- data
Hash 12e3e8342ff0bd5e17d68138936071e5
d663f4740aaf32ede0d001a8b1e405ae6ccf317b
c1f520ba05125d8e95d47d0a09a58a6bfb4f086c7d1a4eb86abad8bb1947b6f6
GET /wp-content/uploads/2020/08/cropped-fav-icon-192x192.jpg HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: image/jpeg
content-length: 5653
last-modified: Fri, 28 Aug 2020 20:10:37 GMT
etag: "5f4964bd-1615"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3995
Cache-Control: max-age=98740
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:31:41 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
api.userway.org/api/tunings/r1iqaHtib9
52.37.62.126200 OK 1.0 kB URL HTTP/2 api.userway.org/api/tunings/r1iqaHtib9
IP 52.37.62.126:0
File type JSON data\012- , ASCII text, with very long lines (1004), with no line terminators
Hash 15045ea34959a4e2e1370f1af6939549
3b1e9a6d72c317b23c82f9b5ca8b111e90eca477
c44bd9b4700c825c6cc0b85ba3ac650282bd8f93aa80741798a962ac59fdca87
POST /api/tunings/r1iqaHtib9 HTTP/1.1
Host: api.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1415
Origin: https://www.erkers.com
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: application/json; charset=utf-8
content-length: 1004
x-service-version: uw-pr
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-headers: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
x-service-request-id: usr68ad7d3b5dd340f
etag: W/"3ec-Ox6abXLDF7I8gvm1yosRHpDspHc"
X-Firefox-Spdy: h2
script.hotjar.com/modules.bc0a4c72d88d266f15af.js
143.204.55.46200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.bc0a4c72d88d266f15af.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 2375e31c5dc0ca09d740bee5c1486c2b
d68ad5ffd79e99af40377945f2f41db8b6f00ad0
2197593e6c85391abbb9c0cba866862dc84bad91aedbe5d90d374e413504f5cb
GET /modules.bc0a4c72d88d266f15af.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68590
date: Wed, 07 Dec 2022 14:35:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AiAt_Ru3YRngTC8PfCAJaRMiPYY1pT_UBKfzRMSVnuPkdJ863jEfSA==
age: 171055
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/631768234/?random=1670594759433&cv=11&fst=1670594400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.erkers.com%2F&tiba=Finest%20Eye%20Care%20Services%20in%20St.%20Louis%20%7C%20Erker%E2%80%99s%20Fine%20Eyewear&fmt=3&is_vtc=1&random=1341916320&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/631768234/?random=1670594759433&cv=11&fst=1670594400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.erkers.com%2F&tiba=Finest%20Eye%20Care%20Services%20in%20St.%20Louis%20%7C%20Erker%E2%80%99s%20Fine%20Eyewear&fmt=3&is_vtc=1&random=1341916320&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/631768234/?random=1670594759433&cv=11&fst=1670594400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.erkers.com%2F&tiba=Finest%20Eye%20Care%20Services%20in%20St.%20Louis%20%7C%20Erker%E2%80%99s%20Fine%20Eyewear&fmt=3&is_vtc=1&random=1341916320&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 14:06:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-1579108.js?sv=7
143.204.55.84200 OK 5.2 kB URL HTTP/2 static.hotjar.com/c/hotjar-1579108.js?sv=7
IP 143.204.55.84:0
File type ASCII text, with very long lines (6375)
Hash 070502b123d2febd0fd2416e4a6be01a
ef5f5f73ba2baafa7e5595d0b55bbd95c311d762
9b61660dc2f22684940a1dc2cfd88ce1553d9a3401fe0077fbdb33ef5c47d2c9
GET /c/hotjar-1579108.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 09 Dec 2022 14:06:00 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/e0bb4e6a733ab72d2f42af0573ba7c35
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tTOLOeDDk1zwxUabo0WTWYpY6DraPrZeLQfxNmdk6xEpUgptBN150g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.userway.org/widgetapp/2022-12-07/locales/en-US.json
185.76.9.22200 OK 221 B URL HTTP/2 cdn.userway.org/widgetapp/2022-12-07/locales/en-US.json
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
Hash c3b8e7288f737214d0f0d8bb2b400e96
83966e9877c1d1936c70b4fb1cd9149c9dfdab08
d84691ab422890905d01d289add233c1c7a2c4a95623b1148794d2068a499353
GET /widgetapp/2022-12-07/locales/en-US.json HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.erkers.com
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:01 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Wed, 07 Dec 2022 16:52:53 GMT
etag: W/"0c4b53012957584c54e80867ff489590"
cache-control: max-age=25920000, public
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YDtGG3fHudwJa0frM1hWAe98sVyizxz7VbVzEVm-T3Fz6CHngJcXdg==
age: 78
x-accel-expires: @1696352168
server: CDN77-Turbo
x-77-nzt: AblMCRSQxlf/IXsCAA
x-77-nzt-ray: af585630b8ee5d77c940936303e51d09
x-cache: HIT
x-age: 162593
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98d&tid=UA-56002700-1&cid=394586693.1670594760&jid=1720061865&gjid=1596601160&_gid=842125857.1670594760&_u=aGDACEABRAAAACAAI~&z=1542200621
64.233.165.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98d&tid=UA-56002700-1&cid=394586693.1670594760&jid=1720061865&gjid=1596601160&_gid=842125857.1670594760&_u=aGDACEABRAAAACAAI~&z=1542200621
IP 64.233.165.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98d&tid=UA-56002700-1&cid=394586693.1670594760&jid=1720061865&gjid=1596601160&_gid=842125857.1670594760&_u=aGDACEABRAAAACAAI~&z=1542200621 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.erkers.com
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.erkers.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 14:06:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=2457265227824021&ev=PageView&dl=https%3A%2F%2Fwww.erkers.com%2F&rl=&if=false&ts=1670594760352&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670594760351.517502108&it=1670594760121&coo=false&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2457265227824021&ev=PageView&dl=https%3A%2F%2Fwww.erkers.com%2F&rl=&if=false&ts=1670594760352&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670594760351.517502108&it=1670594760121&coo=false&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2457265227824021&ev=PageView&dl=https%3A%2F%2Fwww.erkers.com%2F&rl=&if=false&ts=1670594760352&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670594760351.517502108&it=1670594760121&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 14:06:01 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 1f5e215f8a7a02c43465654c397e0bbd
167bfd0fe3b0bba7170f6d2b9e345ef6b3b6dfd7
ea8f444a8683640e753d493f1ffed8356ad3280f8e64f5e38e95b6551e84b383
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91835
Date: Fri, 09 Dec 2022 14:06:01 GMT
Etag: "639201e6-1d7"
Expires: Sat, 10 Dec 2022 15:36:36 GMT
Last-Modified: Thu, 08 Dec 2022 15:25:26 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TCmK9HSh5cR2OZgixcEIdpKGcjd4_URPDkGOKX6c6VTe3FumlFC25Q==
Age: 670
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6d61d363f0f00585736abb35e1dcd6dc
9369b0eb806bd3264de91a4a3d99a10e71a5440e
7b16f38fc7c16381c9295dc3d7ec41321fe7629e1967882c051eefd049bb3ff2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 14:06:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.userway.org/widgetapp/images/body_wh.svg
185.76.9.22200 OK 499 B URL HTTP/2 cdn.userway.org/widgetapp/images/body_wh.svg
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (931), with no line terminators
Hash 7be7605941fc4a8ad3485baa64ce0791
3f411cf1c55bd6a40361b5d51e804af0fd77968f
de099ff76918165f9fd4b7a74263e7ae76160467ef01414c6af1af5a83427d26
GET /widgetapp/images/body_wh.svg HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:01 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Mon, 22 Aug 2022 17:36:51 GMT
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
cache-control: max-age=25920000, public
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eotmH-dzOiidll9Y7iIp2xo5U9N4rflh5QoLPHHIlwA9q0K69unJyA==
age: 29
x-accel-expires: @1696184114
server: CDN77-Turbo
x-77-nzt: AblMCRTsEI7/lwsFAA
x-77-nzt-ray: af585630b8ee5d77c9409363f000ad27
x-cache: HIT
x-age: 330647
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/CheckCookie?continue=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&followup=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&chtml=LoginDoneHtml&checkedDomains=youtube&checkConnection=youtube%3A291%3A1
142.250.74.109400 Bad Request 33 kB URL HTTP/2 accounts.google.com/CheckCookie?continue=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&followup=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&chtml=LoginDoneHtml&checkedDomains=youtube&checkConnection=youtube%3A291%3A1
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (549)
Hash cb685f8c8faf7217aa3e7bb10d7bd52d
374f182f9d39961cabf04185358e5c804b8abe5a
6db9ee5e383ca38e96cffc44c73b23cd0ddbd167b9d164e8c880d6583c9bcd05
GET /CheckCookie?continue=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&followup=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&chtml=LoginDoneHtml&checkedDomains=youtube&checkConnection=youtube%3A291%3A1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
content-security-policy: script-src 'nonce-l-vTArlse1liclWJMsJ8BQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 01-Jan-1990 00:00:00 GMT
content-encoding: gzip
date: Fri, 09 Dec 2022 14:06:01 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:2wbK7qIyvSRGXS7izcSihtNNMF6Rqw:s8bws0FNGuXVg9-_;Path=/;Expires=Sun, 08-Dec-2024 14:06:01 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 153128
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 153126
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.erkers.com%2F/DESKTOP/WIDGET_OFF/status
52.37.62.126200 OK 77 B URL HTTP/2 api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.erkers.com%2F/DESKTOP/WIDGET_OFF/status
IP 52.37.62.126:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f3b84edcbb7d7e1cf47c38c8fe97788f
c182d12eb6d689d4709df844be807e636534e0d6
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
GET /api/a11y-data/v0/page/https%3A%2F%2Fwww.erkers.com%2F/DESKTOP/WIDGET_OFF/status HTTP/1.1
Host: api.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.erkers.com/
Origin: https://www.erkers.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:06 GMT
content-type: application/json; charset=utf-8
content-length: 77
x-service-version: seo-w-aafc8284
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-headers: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.erkers.com/wp-content/et-cache/9251/et-core-unified-tb-9590-tb-9591-9251.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/et-cache/9251/et-core-unified-tb-9590-tb-9591-9251.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/et-cache/9251/et-core-unified-tb-9590-tb-9591-9251.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Dec 2022 16:05:43 GMT
etag: W/"6390b9d7-6422"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/dist/hooks.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/dist/hooks.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-132e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/jquery/jquery.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/jquery/jquery.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
etag: W/"632879b8-15e54"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/themes/Divi/js/scripts.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/themes/Divi/js/scripts.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Divi/js/scripts.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 30 Nov 2022 04:52:31 GMT
etag: W/"6386e18f-42f69"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/css/wmac_single_144b2dcf82ceefaa126082688c60dd15.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/cache/wmac/css/wmac_single_144b2dcf82ceefaa126082688c60dd15.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/cache/wmac/css/wmac_single_144b2dcf82ceefaa126082688c60dd15.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: W/"6360028c-5ea"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1579108/visit-data?sv=7
63.35.111.165200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/1579108/visit-data?sv=7
IP 63.35.111.165:0
POST /api/v2/client/sites/1579108/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 130
Origin: https://www.erkers.com
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:01 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-1909"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/gravityforms/legacy/css/readyclass.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-726e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/js/jquery.json.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/js/jquery.json.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gravityforms/js/jquery.json.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-fe9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/et-cache/9251/et-core-unified-tb-9590-tb-9591-deferred-9251.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/et-cache/9251/et-core-unified-tb-9590-tb-9591-deferred-9251.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/et-cache/9251/et-core-unified-tb-9590-tb-9591-deferred-9251.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 07 Dec 2022 16:05:43 GMT
etag: W/"6390b9d7-8425"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/gravityforms/assets/css/dist/basic.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-b83f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/gravityforms/legacy/css/formsmain.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-12fe5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/dist/a11y.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/dist/a11y.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/a11y.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-9cc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.14.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.14.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.14.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: text/css
x-amz-id-2: KHrgAtNadyM45rNmMoVjhWwUzrB9lAKBQ1X3wkxzyPeVTKBCh85oi5f4NxJprgPVnjJ92F4KZIQ=
x-amz-request-id: GJ9Y0HYWJPNBWWPV
last-modified: Wed, 30 Jun 2021 15:39:23 GMT
etag: W/"84d8ad2b4fcdc0f0c58247e778133b3a"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 19654380
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNnqyDBBnjR1UyAp4uH7jsxrDLUpcjKhj%2Bbp4%2B%2BksJODm1n2ZOZaV9qS6iPSoiLo2O%2FNDKN3NC2Jarr8blIfdija44tiYqueZwcl5USKLzL%2BbDhYK9BnZZMy9AsYfpPnHHqE%2BHeO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776e4c85aad7405d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Libre+Baskerville&display=swap
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Baskerville&display=swap
IP 216.58.207.202:0
GET /css?family=Libre+Baskerville&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 14:05:59 GMT
date: Fri, 09 Dec 2022 14:05:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/gravityforms/assets/css/dist/theme.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-777e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/images/spin_wh.svg
185.76.9.22200 OK 0 B URL HTTP/2 cdn.userway.org/widgetapp/images/spin_wh.svg
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /widgetapp/images/spin_wh.svg HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 14:06:01 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Mon, 22 Aug 2022 17:36:51 GMT
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
cache-control: max-age=25920000, public
vary: Accept-Encoding
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tzBipx6Ak-mraZeLPkBMtjhBallDEi6nlEioXjIsWB1eaRAh3sW0Cw==
age: 104456
x-accel-expires: @1696184114
server: CDN77-Turbo
x-77-nzt: AblMCRQxHmf/lwsFAA
x-77-nzt-ray: af585630b8ee5d77c940936330f31728
x-cache: HIT
x-age: 330647
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_single_d1d2b850a732d07c83b7005f930f3d96.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_single_d1d2b850a732d07c83b7005f930f3d96.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wmac/js/wmac_single_d1d2b850a732d07c83b7005f930f3d96.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 27 Nov 2022 18:00:01 GMT
etag: W/"6383a5a1-33fb5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/wp-store-locator/css/styles.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/wp-store-locator/css/styles.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/wp-store-locator/css/styles.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 11 Jan 2022 08:18:07 GMT
etag: W/"61dd3d3f-3a83"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: W/"5cfaccce-105a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/dist/i18n.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/dist/i18n.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: W/"632e0f32-27f6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/uploads/2022/07/Tony-Erker-Erkers-Final-_Trim-1.mp4
34.66.21.183206 Partial Content 0 B URL HTTP/2 www.erkers.com/wp-content/uploads/2022/07/Tony-Erker-Erkers-Final-_Trim-1.mp4
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/Tony-Erker-Erkers-Final-_Trim-1.mp4 HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Fri, 09 Dec 2022 14:06:00 GMT
content-type: video/mp4
content-length: 29283876
last-modified: Fri, 01 Jul 2022 19:41:45 GMT
etag: "62bf4df9-1bed624"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
content-range: bytes 0-29283875/29283876
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: W/"5f735862-2bf8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/mediaelement/wp-mediaelement.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
etag: W/"60083196-38a"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
etag: W/"6329dfa1-459f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Nov 2022 04:56:20 GMT
etag: W/"636c8474-6d9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/et-cache/9251/et-core-unified-9251.min.css
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/et-cache/9251/et-core-unified-9251.min.css
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /wp-content/et-cache/9251/et-core-unified-9251.min.css HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 30 Nov 2022 05:46:34 GMT
etag: W/"6386ee3a-2ab9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_single_fcfd8edebc26d759b44f93975624f445.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_single_fcfd8edebc26d759b44f93975624f445.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wmac/js/wmac_single_fcfd8edebc26d759b44f93975624f445.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 27 Nov 2022 18:00:01 GMT
etag: W/"6383a5a1-1352"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/dist/dom-ready.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/dist/dom-ready.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/dom-ready.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-1f2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/
34.66.21.183200 OK 0 B IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://www.erkers.com/wp-json/>; rel="https://api.w.org/", <https://www.erkers.com/wp-json/wp/v2/pages/9251>; rel="alternate"; type="application/json"
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 5
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_single_08011a08bddf5977616d7af297f233b2.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_single_08011a08bddf5977616d7af297f233b2.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wmac/js/wmac_single_08011a08bddf5977616d7af297f233b2.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 27 Nov 2022 18:00:01 GMT
etag: W/"6383a5a1-c8c2"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 29 Sep 2022 14:21:11 GMT
etag: W/"6335a9d7-26935"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.erkers.com/wp-content/cache/wmac/js/wmac_single_fa07f10043b891dacdb82f26fd2b42bc.js
34.66.21.183200 OK 0 B URL HTTP/2 www.erkers.com/wp-content/cache/wmac/js/wmac_single_fa07f10043b891dacdb82f26fd2b42bc.js
IP 34.66.21.183:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/cache/wmac/js/wmac_single_fa07f10043b891dacdb82f26fd2b42bc.js HTTP/1.1
Host: www.erkers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.erkers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 14:05:59 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 31 Oct 2022 17:14:52 GMT
etag: W/"6360028c-1143"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2