firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 05:10:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4Sk5kYBHACMDKVIz3wExDNaoYUnstrnsW9my0gZAPJKQoMFTk0O39w==
Age: 1636
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10653
Expires: Thu, 15 Sep 2022 08:35:09 GMT
Date: Thu, 15 Sep 2022 05:37:36 GMT
Connection: keep-alive
irvineeldercare.com/
104.140.94.141 301 Moved Permanently 236 B IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c3aecfd550b176145307a13d5da0fd94
8fd1831b6a97451f2a5f93cf997673d8a24b2e6b
512d8fc58d0d9e7811da63a6c980a4df16b5dacf4a7215de4f2f694084911cec
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:36 GMT
Server: Apache/2
Location: https://irvineeldercare.com/
Content-Length: 236
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NIy7k9PrEYYSFIo32d8QfkQljK2UiADL0pS699dQLIOXc2Gr7mjprA==
age: 3741
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 05:37:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ca333f32325f7c16c268ccb6ea486fa
ed22bf2e19f6e8126f6c3ac4378441da57f102bc
e8b6cf36c88d90337885ad6cf695e0fe702b1bc289e3de5da4150e7fafb4c1a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8B6CF36C88D90337885AD6CF695E0FE702B1BC289E3DE5DA4150E7FAFB4C1A3"
Last-Modified: Wed, 14 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Thu, 15 Sep 2022 11:37:23 GMT
Date: Thu, 15 Sep 2022 05:37:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 05:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 05:49:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bS6bUqLurfycOSxQ_iQ87vT-uCM8yP_onaN4hq_enbqwu1zrTNDMtA==
Age: 2055
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3806
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 05:37:37 GMT
Last-Modified: Thu, 15 Sep 2022 04:34:11 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.239.70 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AsIXpSC+jcX+w9V4O4LvBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xDsSBskeZveq44FXGv7FJh8QnGY=
irvineeldercare.com/
104.140.94.141 301 Moved Permanently 0 B IP 104.140.94.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 15 Sep 2022 05:37:37 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=odu8rd9l53tm28868cq2p775c4; path=/
location: https://www.irvineeldercare.com/
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8976
Expires: Thu, 15 Sep 2022 08:07:14 GMT
Date: Thu, 15 Sep 2022 05:37:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8976
Expires: Thu, 15 Sep 2022 08:07:14 GMT
Date: Thu, 15 Sep 2022 05:37:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8976
Expires: Thu, 15 Sep 2022 08:07:14 GMT
Date: Thu, 15 Sep 2022 05:37:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8976
Expires: Thu, 15 Sep 2022 08:07:14 GMT
Date: Thu, 15 Sep 2022 05:37:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0becc25a-4375-42b3-9121-290b0edc8240.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0becc25a-4375-42b3-9121-290b0edc8240.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4ef4e58a54fc502b6b9609e1ba1656e
67c7a034b8adc33d5b90bf9612aae4a16a127e3e
22dc59ae01364815c13b1f936cc8b6b60425319aee0ce561d4ee9d156dc86af7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0becc25a-4375-42b3-9121-290b0edc8240.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8574
x-amzn-requestid: e7466c90-8083-4503-997c-2e866e22c4fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB2LE6ToAMFTsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249c0-0be07d541676dd92489462f4;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNXzmmLPUlU-TZ7Mdsb1mk1pI9uO492hYD56Z3INX69D-IjQOQblzg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:48:18 GMT
age: 28160
etag: "67c7a034b8adc33d5b90bf9612aae4a16a127e3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 25907
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5392f754-e2f9-4a41-bd41-e281b109c83d.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5392f754-e2f9-4a41-bd41-e281b109c83d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fcd0641757ecb9061e0272fc9377b8a
96afd6daa0d13f8a05ceb77880f967d539f37702
8af5e3c3e524a5e3661e50a36403a5cc6c95521e77984ce954ceefd5a542abfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5392f754-e2f9-4a41-bd41-e281b109c83d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5097
x-amzn-requestid: 7d0072f1-0832-4b01-9f5a-081c7d193420
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YaGbEGDiIAMFqGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320b779-2ee57a3e5641f70c00116156;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 17:01:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5TMIu7RzFcpyWKH_HSAd4LDal3PFMAa37n0SVEVDFGyz5RJeqJq5Rw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 28253
etag: "96afd6daa0d13f8a05ceb77880f967d539f37702"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb933dee6-def3-47b6-bfe3-39eee412da4d.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb933dee6-def3-47b6-bfe3-39eee412da4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e99a57f5113a2333e7152e73d9dc14a
a38f84502cc64fa3f621c85d330cfa20ba80b7a6
8ab3f12a13a1f8616b7c80a17855380f13a61484c6e889287af0943c4fe20833
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb933dee6-def3-47b6-bfe3-39eee412da4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12802
x-amzn-requestid: dcbf418f-92a2-4aaf-9187-b4d27d7d2fdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yds7DGdTIAMFueg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63222846-56b639e26cdc87247f6abc54;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 19:15:18 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: m8UtuQvEW0vj6z3-oXGJq8_qiTdiI08cPd28Z0mydFuJYI9bDfP27Q==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:34:15 GMT
etag: "a38f84502cc64fa3f621c85d330cfa20ba80b7a6"
content-type: image/jpeg
age: 32603
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 25259
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f42b72c3fd66a6758ebcf0ca8cc1a046
13d42d455f5131b7b861b97eb3f0e91236d4d222
4a07fcacde77dc890164fda9f295b61af6947b2d7f3f84f64749d93e3a1e5b99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3545c74-7af3-4ad8-815b-6a50681a2362.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10633
x-amzn-requestid: 8dbc7f5f-1cb9-4b45-913d-2d4db71449fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSvG98IAMFeLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f44-3094163533977c6d1ee90274;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5Gx5Pfp0fH7GtvITXwV1CVZlM6wbfIXmyk_4xZtIVf8qkmg0AyxBPQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:01 GMT
age: 33397
etag: "13d42d455f5131b7b861b97eb3f0e91236d4d222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.irvineeldercare.com/
104.140.94.141 200 OK 15 kB IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1724), with CRLF, LF line terminators
Hash 1fb9caeaef6ca3947fc6cbe34b6214c9
6b1f3e1e574722b6d135bbd8de17f09ab5575825
a2d44e0018424613cf25842399b3f7efa1c00ec41d9c98f28cea0ef36b048d7b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:38 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
link: <https://www.irvineeldercare.com/wp-json/>; rel="https://api.w.org/", <https://www.irvineeldercare.com/>; rel=shortlink
set-cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15430
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 05:37:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.23
104.140.94.141 200 OK 431 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.23
IP 104.140.94.141:0
Hash c2ea397c76a39b9111e1a8ea3c737b85
5fe3b685dab9734b0039701db8343e9b8cd33cc8
bf683f9172636a10c6ea2f9aed526f8a152ea317b133acc0cb2d2459d038361d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "4bf-5e501a5c6fb8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 431
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1
104.140.94.141 200 OK 623 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1
IP 104.140.94.141:0
Hash 9e3f8f252465b6106c5aec804d2d3d36
c5b74d79a69e2989e98bd231a2d43c6ab9229f97
7bbba87c71a99954bd443bc63cc4b9f71b3fb17c462c43cbd1b767fa0d5fd357
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "630-5e798533a2e76-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 623
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/customer.css?ver=4.7.23
104.140.94.141 200 OK 612 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/customer.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash 606f8aaf2cf6e15149de2d6b811106f1
f8ecc287f04c6273fdbc4ca0e1e722a09697f385
80e11e07cccf55f0f2755b5e645c92440c4e0f457af76d85bb50aad0805d4055
GET /wp-content/plugins/contact-form-7/includes/css/customer.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "76c-5e798533a2e76-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 612
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
104.140.94.141 200 OK 7.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (36280)
Hash 8e803265d12924cdf2e9b5e393eb384c
59b83e984e437abe07e57dd26bdf5b1206a7ccd7
6cc653068cb6eaee82faca8d49699215ac97db1b69cafa27599d2709987aac4d
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "8f21-5e501a5cf7f30-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7697
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5
104.140.94.141 200 OK 2.2 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5
IP 104.140.94.141:0
File type ASCII text, with very long lines (16542), with no line terminators
Hash 7e972f6c1b2623731f8a00bac6c27b89
c74dbad6d727697f8a479e8928da654273abdc4b
56a3d5d9f218531f5135906f5c15990ae8a70bd8d09abe40588bab417504ee8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "409e-5e501a5d0698e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2157
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.23
104.140.94.141 200 OK 332 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.23
IP 104.140.94.141:0
Hash 41225bdf9822ee5e476182c76b9a7273
e5cfb6011d658e6208283e8f9563c83f810ddeff
66d7c6e50c9e412f50d7aa0644945160d9dd0c2a6cc93a18157323ec878f5667
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "28e-5e501a5d2de72-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 332
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.7.23
104.140.94.141 200 OK 1.2 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash e0203ea95b7d996ae4f35d9cf7e0cd20
2e1baf04588385222014e7e904f61d104bddcb15
595c5566a8664be7d5a12c298102051410514315ad7b199f20f9fcc8df54a549
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "f20-5e501a5d33461-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1239
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 05:37:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.irvineeldercare.com/wp-includes/css/dashicons.min.css?ver=4.7.23
104.140.94.141 200 OK 29 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/css/dashicons.min.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (46364), with no line terminators
Hash c3deda3e7fece967f2ccbd284ea13582
97463a1c50f1c8975116d5498806f24791b23fef
a7e9b2f080d9b676910cd9186c7f2ffd4066d61d0380a344c935fa349982aa10
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "b51c-5e501a5d7eb61-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 28612
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5
104.140.94.141 200 OK 8.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5
IP 104.140.94.141:0
File type Unicode text, UTF-8 text, with very long lines (61714), with no line terminators
Hash 749b1a20d0728311d2a4d77164ed127c
84f788f17f12c0db4419ea76bef8185a9fa1f703
d87f53c8edf5f2aab26e835e1ba3f81b7278e2314e5cf2cad0de136c0db5c9bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "f120-5e501a5d0698e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8732
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.7.23
104.140.94.141 200 OK 1.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (9152), with no line terminators
Hash 23f9556c7654e2e5a83b2b436b102642
a1fe7b8fee22a0aabc9c015dabad637ec22ad1c6
873a70b9f1f9c101e7e399e8eddf1f92b67ccce457a94b9fac356c6a84b76bc5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "23c0-5e501a5d061be-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1921
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
104.140.94.141 200 OK 1.0 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 104.140.94.141:0
Hash 7f046eb8ca1a67b89dd74a47d03ffccf
66e28ae939b80ec7fd96c4b74b0c6777f14dc3a0
05a64429ad07959bd15ae2c23c63c32d318fdf3ebcbb0704a81f4c4364a18860
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "df4-5e501a5d3e040-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1027
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0
104.140.94.141 200 OK 955 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0
IP 104.140.94.141:0
Hash d4a59d85a543d7344746f9bbd79b18d3
64236cf986e649ea6c1f8387e1c0ea392602557e
e1a43ab9fcec9c445d945df580b82c7093968ecc11395b581bf0158b7e72d4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "13be-5e501a5caef3f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 955
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/css/lightslider.min.css?ver=4.7.23
104.140.94.141 200 OK 1.4 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/css/lightslider.min.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (5449)
Hash d5e6ad3b48507f661049c1e0a3bf5bb5
1c60b79a9627ebc4f20f1390633695a94cd2eee0
6c370e16e2b1d23d0edade1b050b2371d581b98366730c9c4931215d7d3ae8e7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/library/lightslider/css/lightslider.min.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "159e-5e501a5d49007-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1378
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.23
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (3019)
Hash dfa1dc2c69e232f53c517dd2601508e3
7d8b55891db0121063d1566edfff0677fa657280
f89e903256da13d6baa2a8d581954094490b1bbf163edf3633d10fb5fc96184c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "c4f-5e501a5c6fb8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1304
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.15
104.140.94.141 200 OK 2.8 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.15
IP 104.140.94.141:0
Hash c6818fedbc8642f8b16208eb300f65bd
821284e4a13943332d8c3c1bf05fb463c0fd3fa8
1ada8dde3db6bd94330a43ef42a03f022b87a16b17ed4982e164872b899da828
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.15 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "3ccd-5e501a5d3e040-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2848
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/css/responsive.css?ver=4.7.23
104.140.94.141 200 OK 4.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/css/responsive.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash be490526b0ade20c072170658ae4357f
1821d61501182957b2c9b7bb8e5d6c157dcac9b9
e50b62475bdedd6182d7c20cabb8d4877b4c73bf6b3f8440dca88b7dbb7ec31d
GET /wp-content/themes/editorialmag/assets/css/responsive.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "6921-5e501a5d470c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4297
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
104.140.94.141 200 OK 7.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
IP 104.140.94.141:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "7918-5e501a5d3e040-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7053
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-marsupio-con-zip-impermeabile-e-inserti-in-pelle-black.jpg
104.140.94.141 301 Moved Permanently 367 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-marsupio-con-zip-impermeabile-e-inserti-in-pelle-black.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 303788c9d6ae4eb283af499ec06c153e
1b49d76f96051709767cafcc008136ebdf01e3ab
fa5163ae4d4ee56af0c2fe524c1c599b94bff33ba8990c19daf356ae59580bcc
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-marsupio-con-zip-impermeabile-e-inserti-in-pelle-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-marsupio-con-zip-impermeabile-e-inserti-in-pelle-black.jpg
Content-Length: 367
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-porta-carte-in-pelle-con-logo-e-motivo-check-black.jpg
104.140.94.141 301 Moved Permanently 364 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-porta-carte-in-pelle-con-logo-e-motivo-check-black.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 973bd943b65deddb371d8c0d8c7d7541
efefe0727577a35fb780b6287464b400bb03b127
74e664ccd65231d2408fa4b2bd66686449cb68ce695aee61594adfee3309dd26
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-porta-carte-in-pelle-con-logo-e-motivo-check-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-porta-carte-in-pelle-con-logo-e-motivo-check-black.jpg
Content-Length: 364
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-uomo-woolrich-gilet-heritage-terrain-in-nylon-taslan-dark-green.jpg
104.140.94.141 301 Moved Permanently 340 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-uomo-woolrich-gilet-heritage-terrain-in-nylon-taslan-dark-green.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 637f2798833bfd6cd2871d0ee16160fa
040494301cbc0dea657c09657627390e14b26ff7
de97b2191526c85017b54ab4f2e3ff46133cb7d40153df7aded0f8dda7f9c136
GET /wp-content/uploads/2022/08/gilet-uomo-woolrich-gilet-heritage-terrain-in-nylon-taslan-dark-green.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-uomo-woolrich-gilet-heritage-terrain-in-nylon-taslan-dark-green.jpg
Content-Length: 340
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
104.140.94.141 301 Moved Permanently 340 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3865fd2748d0116f9860edb14c05d42c
03704661205321a35159e406b9b3b5a35a086692
5273f2093f12d49240d1349d51895be8966eea22f02134f6b1147c5e6e67f9b3
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
Content-Length: 340
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-girocollo-melton-blue.jpg
104.140.94.141 301 Moved Permanently 318 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-girocollo-melton-blue.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 89298d6d13d7da033dfc1aa1e9d07033
90da08359ea2c6f901d1bf5eb7bd7a9a94391cca
2e9612b316b9b36d4cd79df6175badab6e57b36f74fbaec4d37ba08bd2733633
GET /wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-girocollo-melton-blue.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-girocollo-melton-blue.jpg
Content-Length: 318
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-uomo-woolrich-giacca-ibrida-sundance-in-nylon-elasticizzato-con-cappuccio-dark-green.jpg
104.140.94.141 301 Moved Permanently 363 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-uomo-woolrich-giacca-ibrida-sundance-in-nylon-elasticizzato-con-cappuccio-dark-green.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2fac9951d728967a62db581cf022bf25
5987f0464b471793645b4110e3d63cfed226739b
9c2d37fc3d4d3e867912e1d0bf4bef342889846918bd4409785966f93e521f28
GET /wp-content/uploads/2022/08/giacche-uomo-woolrich-giacca-ibrida-sundance-in-nylon-elasticizzato-con-cappuccio-dark-green.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-uomo-woolrich-giacca-ibrida-sundance-in-nylon-elasticizzato-con-cappuccio-dark-green.jpg
Content-Length: 363
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
104.140.94.141 200 OK 591 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
IP 104.140.94.141:0
File type ASCII text, with very long lines (1402), with no line terminators
Hash 4380e7ab9aa888e12cb1a391b71638ae
718403244f48059dff634871c056679d6e2fc3e4
a2ceba8511849f4dbaaa2e9b84e6e163e77bc8916c817441fd90d62fba616e5c
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "57a-5e501a5d0a426-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 591
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.23
104.140.94.141 200 OK 382 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash e5611b003aacbbc3ca958f31e2e48cbf
1449fb63049e03a2527968602874b0303a11f243
e9c21923a0fea4bcadc0372529d1cff69d1e7f91ad0bd1f08bceb41e11b97866
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "353-5e501a5d00bcf-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 382
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
104.140.94.141 200 OK 351 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
IP 104.140.94.141:0
Hash caa6ca5d23d1adf35e63b219631fff8e
786acb0cf5a9033939c4c4b8f5c4109e2e15401f
50973c0a98e9463c4417b2ccd9424a5f89a9924b80878548f19422b25d23d901
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "37f-5e501a5c7ab55-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 351
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/customer.js?ver=4.7.23
104.140.94.141 200 OK 1.5 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/customer.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash d891908f72a5186afe58eb444b5f760f
9d2ad224449ec09dc8baf103260afe852a0093ec
5d63662cce5a394195eaa450a9ed853455750d9ea15f00cba1eab05713183e06
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/customer.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "16a2-5e798533a1ed6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1530
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/utils.js?ver=4.7.23
104.140.94.141 200 OK 2.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/utils.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash 5bc54f98bdc4d9364767615e0bbfbdee
d8a3cc2023f5075ac529125d96a61af5ed4f558e
30c4eeae124d71596809a4f6eae5daed5f807e2ea08782793f2aa7610a2e38cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/utils.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "2565-5e798533a1ed6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2087
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (10490), with no line terminators
Hash c3152306080f8c2af0a55d6c99e0ed37
cdfd2c1d4bc3fb0dc4b18454bee088412a415956
da58870f9556728f192782a0e6be3d7863b69b20be0c790af9ef5fb7ef7d1577
GET /wp-content/plugins/js-composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "28fa-5e501a5c82c3c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1322
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
104.140.94.141 200 OK 4.0 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2748-5e501a5d83599-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4014
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
104.140.94.141 200 OK 6.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (28824)
Hash 493398c5b021c6f1679b5faa7c9d33ae
1bd77a073f3d85adcf06856da80009a1cc4a11d3
31f324dd068c29c50c9af1334d7f461686d51c12435895e5e87e83d387917fb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "713a-5e501a5c7f974-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6684
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
104.140.94.141 200 OK 981 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 104.140.94.141:0
File type ASCII text, with very long lines (1680)
Hash 2238631cf6be3be50e2ab84374f6381d
f1525686e4d6b7d39727aaf30db49ac9b2bc3fa8
8e46659318c5590dc20944c2d2464b93a06a89e0a4f7353112da4cf06bc213e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "736-5e501a5d0afdd-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 981
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5
104.140.94.141 200 OK 954 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5
IP 104.140.94.141:0
File type HTML document, ASCII text, with very long lines (2650), with no line terminators
Hash d33c92fb39e6857fb94d0600dddbf835
8bf1177733f682c378b8966e1d85ce774da10bb4
5202e044fcab9fbfc1c01085ac5fb6efead3bcbd1a48fc229f5749f5d8d4a6f2
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "a5a-5e501a5d09c56-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 954
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
104.140.94.141 200 OK 924 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
IP 104.140.94.141:0
File type ASCII text, with very long lines (2568), with no line terminators
Hash 555b56286f56c3905c9a14f1b85ab351
b0c6bd020ac99a78c0d6021a2e545a0b6c54e158
eb46cf16fdee6b9e1e479e949803dccd534d6c28268d4658195558267f7884ea
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "a08-5e501a5d09c56-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 924
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
104.140.94.141 200 OK 464 B URL HTTP/2 www.irvineeldercare.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (1087), with no line terminators
Hash 8f4371b1904703da700396e57cc2851a
f54f9c7e30117a26c096246800ad37684c3bb0f1
a90b06b6d4dc6446fd5e62dda1ae66d75edac1358c6abf8fadd1729d6e35f3ae
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "43f-5e501a5d831b1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 464
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1
104.140.94.141 200 OK 333 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (656), with no line terminators
Hash b6e601276758da760c48a68a1c1c7098
d4b73cdd4c315b383748f0715d56d10aea537292
833db43661633b5c8d55a6d12bf8c0b19c340661375630cac4e9f5d778b0d5bb
GET /wp-content/plugins/js-composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "290-5e501a5c8340c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 333
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/skip-link-focus-fix.js?ver=20151215
104.140.94.141 200 OK 417 B URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/skip-link-focus-fix.js?ver=20151215
IP 104.140.94.141:0
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2ad-5e501a5d47897-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 417
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/navigation.js?ver=20151215
104.140.94.141 200 OK 1.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/navigation.js?ver=20151215
IP 104.140.94.141:0
Hash 7eec6995203e3994a2714c41a388df66
99c08555971c9962b5ade2806e05ed29d0f00258
040c47ba29f4c8eefa8d359cd715eadc0888aa080ce6187a23b8eb8852bc54b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/js/navigation.js?ver=20151215 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "b97-5e501a5d47897-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1094
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
104.140.94.141 200 OK 17 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (32020)
Hash b4f339e585bebafaae991720d64258d2
3bf8770cd493a8a6a3b4dc8a29a59b5d1265ef2b
e24cd90428b398498930396ba83c13bad996508f3f1dc9e65a7948ef1ddbac6c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "f3b0-5e501a5cfb1f7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17235
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/style.css?ver=4.7.23
104.140.94.141 200 OK 20 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/style.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (1092)
Hash 7fd45e6d35d266408dee58345c081b15
9e822e95a566900e1549481ece6083fc4281fd4d
941a41bb878f0685f26d85f398101d399cfe1bdf71cdef4f8f18e6931eddfa5d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/style.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1b8f3-5e501a5d4ab5f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19462
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-portafogli-in-pelle-e-tessuto-british-millerain-black.jpg
104.140.94.141 301 Moved Permanently 366 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-portafogli-in-pelle-e-tessuto-british-millerain-black.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash da03f07d4f7abf03ca0ddc2c56cdbbc0
c7babf59aea10d49f6c4fa21940f66d250b991e4
fd0d712896165897132adf84697fd4060e13eab4e0ac71b692cbaac8aad94a44
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-portafogli-in-pelle-e-tessuto-british-millerain-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-portafogli-in-pelle-e-tessuto-british-millerain-black.jpg
Content-Length: 366
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0
104.140.94.141 200 OK 374 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0
IP 104.140.94.141:0
Hash 6cb6dfce35465e6c0296aec28003bc49
9910c85cd65eee965ac4f673309bf01689d92d5e
a35824fd55cab76bf80dd58daa699665e0719bd2913012af360d75bb4055d081
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "441-5e501a5caef3f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 374
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/pantaloni-donnauomo-woolrich-pantaloni-sportivi-any-time-olive.jpg
104.140.94.141 301 Moved Permanently 333 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/pantaloni-donnauomo-woolrich-pantaloni-sportivi-any-time-olive.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e81aee806d30b0420a806f47da4f56d6
0eb3dc2b0c7d791f353cd7c789742021091754ac
3b7e6dae74e5f43d510d3147063738bb87209bf8a1d24532a5faae530e5fb9e6
GET /wp-content/uploads/2022/08/pantaloni-donnauomo-woolrich-pantaloni-sportivi-any-time-olive.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/pantaloni-donnauomo-woolrich-pantaloni-sportivi-any-time-olive.jpg
Content-Length: 333
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-full-zip-con-cappuccio-e-trapuntatura-in-crinkle-nylon-light-grey-melange.jpg
104.140.94.141 301 Moved Permanently 370 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-full-zip-con-cappuccio-e-trapuntatura-in-crinkle-nylon-light-grey-melange.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5a38e5eb097315e6f3d50d1b74006c08
5c383781ef9ffec778dd9a454ae76d904a180881
55409a5dbd23547162be79456c7906af10dfaaee47e2eb2886188e20d25ce8ad
GET /wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-full-zip-con-cappuccio-e-trapuntatura-in-crinkle-nylon-light-grey-melange.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-full-zip-con-cappuccio-e-trapuntatura-in-crinkle-nylon-light-grey-melange.jpg
Content-Length: 370
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/gonne-e-pantaloncini-donna-woolrich-pantaloncini-in-cotone-seersucker-melton-blue-check.jpg
104.140.94.141 301 Moved Permanently 358 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/gonne-e-pantaloncini-donna-woolrich-pantaloncini-in-cotone-seersucker-melton-blue-check.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5ef58cfa7ea2913523d7ae228d27df01
1653b8ea693ba5b642750661ae8ce1828a6df96d
314d36a5e08d19f048f0f59d45b6a2a8f304bd001a9e907ca970e3ec85c29e32
GET /wp-content/uploads/2022/08/gonne-e-pantaloncini-donna-woolrich-pantaloncini-in-cotone-seersucker-melton-blue-check.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:40 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/gonne-e-pantaloncini-donna-woolrich-pantaloncini-in-cotone-seersucker-melton-blue-check.jpg
Content-Length: 358
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-includes/js/wp-embed.min.js?ver=4.7.23
104.140.94.141 200 OK 735 B URL HTTP/2 www.irvineeldercare.com/wp-includes/js/wp-embed.min.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (1386), with no line terminators
Hash d2b60c1231015fbb2cfb0680a4fdfc87
2964b5bc32aad38d53ba3063503711c5cb6006ed
a83053c9a437c08c7d62ae9b07cf680d43a3ad129de64633eee91a860fab7844
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "56a-5e501a5d8a6e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 735
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.16
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.16
IP 104.140.94.141:0
File type ASCII text, with very long lines (4528), with no line terminators
Hash 1120cd5b0edd556b7f9e55ddb7590130
ab56b011fd9fdd5c7d34d3bd8b91f9935d9f5e17
debc926596bb3db188ba7bf42b6376c63df9eecd6825ff949d0d4b26310d8ddd
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.16 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "11b0-5e501a5d35b71-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1322
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
104.140.94.141 200 OK 34 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 104.140.94.141:0
File type ASCII text, with very long lines (31997)
Hash 6b2ceda6218e6810713286b29db017fb
71175271d84c90ca5f05ecc04d7f7a1052873380
de7a4d9a1cb75f0d1a4bf1a71907a44b85b9356da5c4f9e7f6729b8e69a38974
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "17a6a-5e501a5d83981-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33776
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1.1.4
104.140.94.141 200 OK 1.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1.1.4
IP 104.140.94.141:0
File type HTML document, ASCII text, with very long lines (5088)
Hash e5c798ea25ca01453dc79aae8c198d54
d3695c600ca7cffd5775eacbca5c64ad60c14250
c9b7688f87f9f80727e123e632bfc2755c265fd4a844964d7f73a7a937c137cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "141b-5e501a5d493ef-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1688
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/jquery-match-height/js/jquery.matchHeight-min.js?ver=1.1.4
104.140.94.141 200 OK 1.4 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/jquery-match-height/js/jquery.matchHeight-min.js?ver=1.1.4
IP 104.140.94.141:0
File type ASCII text, with very long lines (521)
Hash 6854ce63cc086200aa71576b39853b9e
730966815d508402656927acbe9cec04ade5653d
aa723b8c98664c269cce42764cb97dc72e0c76b21565532a68767f6f11c4c5ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/library/jquery-match-height/js/jquery.matchHeight-min.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "d34-5e501a5d49007-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1383
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/editorialmag-custom.js?ver=1.1.4
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/editorialmag-custom.js?ver=1.1.4
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash ac64966c7e310ae25cf0275cc9eb8b41
9ecbfa67407ce4fa2dac80c6015490a0946ba990
b5bb908d8062f96d9b7f35a8fbd39426c17b7998064ee4c23151098c18d999b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/js/editorialmag-custom.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1208-5e501a5d474af-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1340
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
104.140.94.141 200 OK 2.4 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP 104.140.94.141:0
File type ASCII text, with very long lines (7855), with no line terminators
Hash d32403263bb01c17b9b69d3f9d01f3fc
6a7810f026de39a8d37516d2ec56aabaf4f39cab
9c50bd091d05620a8c6678d800cb50bf64c862102a33b4ad19f914ceaa0b02cd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1eaf-5e501a5d831b1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2435
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1
104.140.94.141 200 OK 3.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1
IP 104.140.94.141:0
Hash f28669a20d210fe8c593b9725104c1b7
6d586214dbf036816d4dafe692f8f8a7d5858036
57bdceafb5ff0e7b7197cbf718ed13f0fd5df080b0de582ddb81f1bf7189f5e5
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "2fa1-5e798533a1ed6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3284
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7
104.140.94.141 200 OK 3.6 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7
IP 104.140.94.141:0
File type ASCII text, with very long lines (542)
Hash d171f0b57f67e731714e976d7e3effc9
d5db7ce71689da030335986004af8c8e7f7e346e
bbed2067b39d1d8e094f4431aff18ad239d04a186f28b33f7c8575342c3ce26f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2b0d-5e501a5d2ea2a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3589
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.15
104.140.94.141 200 OK 2.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.15
IP 104.140.94.141:0
File type ASCII text, with very long lines (577)
Hash e12a60dec5d61df3408909a871b18ffc
e22dd480505e9b58429edc4909f1cde52f8f1979
4185d63eb8155c9dd7cea4e8f4289cd06da20a46e6c62058f58de840f6f05318
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.15 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2962-5e501a5d40f20-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2883
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1
104.140.94.141 200 OK 2.8 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (9722), with no line terminators
Hash 1e4f92f6d5a02bb0b135ae4afa8811a4
d36d18e2b4f65bb8ffba922e35cebdbda7198496
d5f91ef61a45b28d9445ecdb68247d403b4f9bfe470ca18d33f5f2cce207672f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "25fa-5e501a5c8340c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2761
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
104.140.94.141 200 OK 37 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (27184)
Hash e83d81b6547dd15c59902a0b9c2776d0
6ba51781f5fcef943248cf43e3c23b0581df3361
02f700a3cdebd355831d895b3227940e8b8d6b868f3b4a3332d6a76dea0df5c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1a376-5e501a5cfb1f7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 37333
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5
104.140.94.141 200 OK 2.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5
IP 104.140.94.141:0
Hash fb6a591695ce9b9fcbc9cafc54b88a01
dd828f4578cddb02d22c5eb32b3844543a7df97d
ac6dca8acc10ba7065c9521c3e55e4691fcbc8ee8ab0699bbc38f4b8fa5aa479
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "3afa-5e501a5c98bca-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2888
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
104.140.94.141 200 OK 4.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 104.140.94.141:0
File type ASCII text, with very long lines (11827), with CRLF line terminators
Hash 78c76807cd811863da1aa05b64d5dd44
f01d2bf2dcf836c5def865724536f9258dc49d97
38b040a1996c581d9956b5193bf2f8922ce9ae0fcf4aa0e4d866395afb734279
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2e81-5e501a5d35789-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4715
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
104.140.94.141 200 OK 4.0 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 104.140.94.141:0
File type ASCII text, with very long lines (15658)
Hash 6ea9b5bb25153f388b207e7ace2fd8f3
996696f49fa1da27c5bdaa9ad137dbb07ee48463
41d7aef81db85a75a0a668f3f8235ce54665afc804dfe36c7f2fddc6e43fd224
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "3d78-5e501a5d40f20-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4006
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
104.140.94.141 200 OK 5.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP 104.140.94.141:0
File type ASCII text, with very long lines (14900)
Hash ebcf9ad4a94d5c31649dd4515ad0c7c0
e219102aa3fe113876fd76b578f9ea142d67d967
5af8e42123fc03e9a53e6fe91d95c64591e63d3c1f27703a24966154d7784747
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "3b90-5e798533a2a8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5860
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
104.140.94.141 200 OK 5.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 104.140.94.141:0
File type ASCII text, with very long lines (21592), with no line terminators
Hash e7ea1633b959bbaaae6977cc8576e0fd
9647a1164a2ea96dc87c396decea74be81276530
2b552dac8d5fb1334c0ab4061deb1d7e4b841dad3a7eec49fe832dfbf84629e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "5458-5e501a5d0b3c5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5851
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
104.140.94.141 200 OK 5.6 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (19302), with no line terminators
Hash 0efafbecce64312aea66b69f8ddcbbec
c34c4d59473aad7412257096b121fd752d7f13b6
19ecff382e9045abee99b4532cfb142f73a5cafe586cb7caf53f105a8ac91ce6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "4b66-5e501a5c79f9d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5606
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/masonry.min.js?ver=3.3.2
104.140.94.141 200 OK 8.5 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/masonry.min.js?ver=3.3.2
IP 104.140.94.141:0
File type ASCII text, with very long lines (28817)
Hash 25309b355cc141316c0cc8040bc53ec4
fa8fe7646937a6bae2204aa0b099a498c4d84766
2401e0a375cf7f6a4a278bd0ed84ac2b16c8e17d672634944a7f8c3934042f1c
GET /wp-includes/js/masonry.min.js?ver=3.3.2 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "711a-5e501a5d84921-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8525
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1
104.140.94.141 200 OK 44 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 093022cbb463574a78112bc1315e62d9
f6cab15675e35bca525d43a70ac20eed35d4cc74
69e831c5926dbf97dd3b6a38d722420eb2ab480320ec478194e6919392271a09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "700bd-5e501a5c741dd-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 44397
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/woolrich-logo1.png
104.140.94.141 200 OK 16 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/woolrich-logo1.png
IP 104.140.94.141:0
File type PNG image data, 210 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ad988dbf2c84529125ef17cc4791d43
6ae0c9f82cb0def8e24e6a9080798104b3ea1eb3
e152ea8720665af66af7fbeede20e2a8f3e7cc1eedbf9b818f01168f18caa5d4
GET /wp-content/uploads/2022/08/woolrich-logo1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 04:05:26 GMT
etag: "3fac-5e53a39ed8588"
accept-ranges: bytes
content-length: 16300
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-marsupio-con-zip-impermeabile-e-inserti-in-pelle-black.jpg
104.140.94.141 200 OK 34 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-marsupio-con-zip-impermeabile-e-inserti-in-pelle-black.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash b853c454883679488d1605576725244f
ead5f1f2d9649e138f1ecb93983d175d08e93f34
8619202f274c8b2fb97bd573be89256fe94ec8c1b29aad19e2f5f2bb8f801819
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-marsupio-con-zip-impermeabile-e-inserti-in-pelle-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:39:16 GMT
etag: "855d-5e5284241e5b2"
accept-ranges: bytes
content-length: 34141
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-porta-carte-in-pelle-con-logo-e-motivo-check-black.jpg
104.140.94.141 200 OK 35 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-porta-carte-in-pelle-con-logo-e-motivo-check-black.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash af132dfbb5fe7a256e5f1616e4a2eed0
df516ff1c26032b520199d2a90829b3cbb83b999
17e81ea758e25440dfdd51f0acf171bc169422302ad7061b34ce385a7538503b
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-porta-carte-in-pelle-con-logo-e-motivo-check-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:40:50 GMT
etag: "88e3-5e52847e19a5d"
accept-ranges: bytes
content-length: 35043
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-girocollo-melton-blue.jpg
104.140.94.141 200 OK 85 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-girocollo-melton-blue.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash 659a0f9361657892dc54254edecb8797
af76f30468d7636e5793ec8fdd2607fbc36429e5
80bf780b013d719009598d579cb70f92c538ef1c5228657d83b7a7d3bf0ffea5
GET /wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-girocollo-melton-blue.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:16:02 GMT
etag: "14d6a-5e527ef2a3f38"
accept-ranges: bytes
content-length: 85354
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-portafogli-in-pelle-e-tessuto-british-millerain-black.jpg
104.140.94.141 200 OK 32 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-portafogli-in-pelle-e-tessuto-british-millerain-black.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash dd3f3235064c8d117139ad237b677f86
a981cb52b6bcc8b391ee81d87b0c92273c7ceab8
472688e68c1f21a1b32c2f347bb10219354bb4192e1a33beb4e67beff56819e9
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-uomo-woolrich-portafogli-in-pelle-e-tessuto-british-millerain-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:39:18 GMT
etag: "7b6f-5e528425be5c6"
accept-ranges: bytes
content-length: 31599
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-uomo-woolrich-gilet-heritage-terrain-in-nylon-taslan-dark-green.jpg
104.140.94.141 200 OK 114 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-uomo-woolrich-gilet-heritage-terrain-in-nylon-taslan-dark-green.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 114 kB (114318 bytes)
Hash 80860bd64a19c92704fde2bc8c2dd654
0aa3358b421993ae4ee6092e5d0d0d3d5f92e8a4
a7890e36926040d5f1a550d428a70a9500a4d01dbd194524d6956032bfe754ca
GET /wp-content/uploads/2022/08/gilet-uomo-woolrich-gilet-heritage-terrain-in-nylon-taslan-dark-green.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:12:03 GMT
etag: "1be8e-5e527e0ee8ae3"
accept-ranges: bytes
content-length: 114318
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
104.140.94.141 200 OK 113 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 113 kB (113252 bytes)
Hash 7e8146205a57f6d15866c808eae83779
b6305db6dd1e5122fc1ce8eaa9775ac2fabf881d
034bf97660b2208017194ae13b33e8df3a47ca19d71e00bd71e14599cc1655f6
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:39:24 GMT
etag: "1ba64-5e52842b4a007"
accept-ranges: bytes
content-length: 113252
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-uomo-woolrich-giacca-ibrida-sundance-in-nylon-elasticizzato-con-cappuccio-dark-green.jpg
104.140.94.141 200 OK 115 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-uomo-woolrich-giacca-ibrida-sundance-in-nylon-elasticizzato-con-cappuccio-dark-green.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 115 kB (114895 bytes)
Hash 0152d13bf95ce62a2adc993884d86a4e
ce6d1349a27a6211fa2abb97d969a758c2e722bf
5074539da85713f9700aaadb7427a4bb912e9a621cddf44aba1fe726dcb8604e
GET /wp-content/uploads/2022/08/giacche-uomo-woolrich-giacca-ibrida-sundance-in-nylon-elasticizzato-con-cappuccio-dark-green.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:11:27 GMT
etag: "1c0cf-5e527dec0d926"
accept-ranges: bytes
content-length: 114895
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/pantaloni-donnauomo-woolrich-pantaloni-sportivi-any-time-olive.jpg
104.140.94.141 200 OK 92 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/pantaloni-donnauomo-woolrich-pantaloni-sportivi-any-time-olive.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash 93fdcb55fd2ae4e10e92491de899fa66
5bfdcc8c955845442f93c6cf6ec0cea79ab00acb
6769802b03c6612f22561c3d48d12448f98a8c993be2d4872bd99e1aaab29ac8
GET /wp-content/uploads/2022/08/pantaloni-donnauomo-woolrich-pantaloni-sportivi-any-time-olive.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:37:33 GMT
etag: "16631-5e5283c1b79a4"
accept-ranges: bytes
content-length: 91697
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/gonne-e-pantaloncini-donna-woolrich-pantaloncini-in-cotone-seersucker-melton-blue-check.jpg
104.140.94.141 200 OK 114 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/gonne-e-pantaloncini-donna-woolrich-pantaloncini-in-cotone-seersucker-melton-blue-check.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 114 kB (114060 bytes)
Hash efa8125d672cd0d9d0bcfa460d9cc91e
7bbc609bd6c20a8df3b1f8adbd964bbe3fcc251b
86ee72b33e75cbe1161dad66f17a6faedaa959a8e81df4a59ebb7b14575a7d33
GET /wp-content/uploads/2022/08/gonne-e-pantaloncini-donna-woolrich-pantaloncini-in-cotone-seersucker-melton-blue-check.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:29:51 GMT
etag: "1bd8c-5e528208dfe28"
accept-ranges: bytes
content-length: 114060
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-full-zip-con-cappuccio-e-trapuntatura-in-crinkle-nylon-light-grey-melange.jpg
104.140.94.141 200 OK 116 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-full-zip-con-cappuccio-e-trapuntatura-in-crinkle-nylon-light-grey-melange.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 116 kB (115953 bytes)
Hash 25a5f6e3c5484bc49712fa60a4b5a647
1dd413b0dcb1d4aa474fd93a34229a9bbee553de
2ec7ff0c68d5e97871c48f01c7725a04d002a42e36c005f87e5f1c20967c0b6b
GET /wp-content/uploads/2022/08/felpe-uomo-woolrich-felpa-full-zip-con-cappuccio-e-trapuntatura-in-crinkle-nylon-light-grey-melange.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:21:47 GMT
etag: "1c4f1-5e52803b97647"
accept-ranges: bytes
content-length: 115953
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/45637700_10158106387959966_3073163333533171712_n1.png
104.140.94.141 200 OK 424 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/45637700_10158106387959966_3073163333533171712_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 424 kB (424375 bytes)
Hash 4f0d85822abe570844ca9ddf40066ada
2bcf66494d9514f00c014abdc3da799483a88943
de1a3a11e20cc07cfd87fad430912bab96a677df8dd9671a022f6d3db6398b4d
GET /wp-content/uploads/2022/08/45637700_10158106387959966_3073163333533171712_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:52:33 GMT
etag: "679b7-5e53c8f9de5e0"
accept-ranges: bytes
content-length: 424375
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/53832784_2239251702955963_7213939100288548864_n1.png
104.140.94.141 200 OK 458 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/53832784_2239251702955963_7213939100288548864_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 458 kB (458106 bytes)
Hash 0bb8c470c058104c6dd60d12e12ef2e4
bc87ad0c1c7bcbdbbbf7bd419a97e34c79c4ac5d
47e148f9c5dcafad70bfb5b895fc9476774fb35f00b9685b918965be3e941f11
GET /wp-content/uploads/2022/08/53832784_2239251702955963_7213939100288548864_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:50:56 GMT
etag: "6fd7a-5e53c89cac57f"
accept-ranges: bytes
content-length: 458106
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/274542497_10161894354874966_3440929249583224645_n1.png
104.140.94.141 200 OK 590 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/274542497_10161894354874966_3440929249583224645_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 590 kB (590312 bytes)
Hash 13b8c3ab89a44c0b9c3d09f0599e1aaa
b202c18722e4ab47744eb8de6309ef85fc003181
15c1c953a954fc5f889e0151174920648a1442052a55e084dcaebc5505387dd3
GET /wp-content/uploads/2022/08/274542497_10161894354874966_3440929249583224645_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:55:33 GMT
etag: "901e8-5e53c9a521b68"
accept-ranges: bytes
content-length: 590312
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/277670596_10161949938849966_6858598286180180588_n1.png
104.140.94.141 200 OK 703 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/277670596_10161949938849966_6858598286180180588_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 703 kB (703276 bytes)
Hash 2ea10da8413e624a94ef7846c9e21339
9a0fc72ee8513621f41b5545ec6ccbef4eae9260
a8e4fd4a67957a30c89fca4bac269bad2402aae456a1ca924b0ac34963517900
GET /wp-content/uploads/2022/08/277670596_10161949938849966_6858598286180180588_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:56:46 GMT
etag: "abb2c-5e53c9ea79732"
accept-ranges: bytes
content-length: 703276
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.4.5
104.140.94.141 200 OK 1.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.4.5
IP 104.140.94.141:0
File type ASCII text, with very long lines (6758), with no line terminators
Hash bac3c679da4930209be92b338cb74b7f
1a18633b3aecdcb7146475a1f6a90c58058f9e9b
b5b63cee0120e4cf9a183bab0905af9d4fa8712d4afef4d0b7d7c0f914ae26b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:41 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1a66-5e501a5d0698e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1055
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
104.140.94.141 200 OK 72 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 104.140.94.141:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
GET /wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:41 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "118d8-5e501a5c80cfc"
accept-ranges: bytes
content-length: 71896
vary: Accept-Encoding,User-Agent
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/12322564_10154430580629966_6111676659585967825_o1.png
104.140.94.141 200 OK 824 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/12322564_10154430580629966_6111676659585967825_o1.png
IP 104.140.94.141:0
File type PNG image data, 1200 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 824 kB (824400 bytes)
Hash 418c406e1d22232b0757423bf1c224e8
252cc9235d0783d09ea0639704b08cf710d2b0e1
7da105448882db15a0ce200e70314d475f8189aa40c4f2dd95f701d8b070f5e2
GET /wp-content/uploads/2022/08/12322564_10154430580629966_6111676659585967825_o1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 09:37:46 GMT
etag: "c9450-5e53ede770990"
accept-ranges: bytes
content-length: 824400
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/12186239_10154345370374966_7805643961138644739_o1.png
104.140.94.141 200 OK 1.0 MB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/12186239_10154345370374966_7805643961138644739_o1.png
IP 104.140.94.141:0
File type PNG image data, 1200 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 1.0 MB (1009218 bytes)
Hash b8c591208dcd1ec297ad1b30cd77b1ed
1e07e4bd8782a02e09f49951b26c6de67ca086bb
0915f28a56baaaca45fa73e44f1def3e1939d2b18e0f143e8f0fa77d387d7b64
GET /wp-content/uploads/2022/08/12186239_10154345370374966_7805643961138644739_o1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 09:37:57 GMT
etag: "f6642-5e53edf245b81"
accept-ranges: bytes
content-length: 1009218
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
104.140.94.141 301 Moved Permanently 299 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5e9043648886b71231bcf42ddb349042
2a2a0c9f8bccc9b132bbde00af76ba0da105593b
b409cd56fcd3e7704d470f1c40ed069e61763b209dfd3b5d3624ca5a799ebb5d
GET /wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:41 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
Content-Length: 299
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
104.140.94.141 301 Moved Permanently 284 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1f2721485eb75a831596bc165927fefb
953cde1aadff50bdd8bcf64b51aa1bbe717937df
8c70b6ed63b0c620cc5dd0329bda75ba085b7a095f4bd65ac63347ef75c7d1a1
GET /wp-content/uploads/2022/08/favicon-96x96.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 05:37:41 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
Content-Length: 284
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
104.140.94.141 200 OK 2.0 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
IP 104.140.94.141:0
File type PNG image data, 80 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 4957d80a725c8f31859945c9ac011a46
c369bfd1265c21c3c5a6004396c89a85abaed26f
c2966a59dc64cda1dd6262b1241ad2ea199ef4c849835db8861086501a4214dd
GET /wp-content/uploads/2022/08/favicon-96x96.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:41 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 04:05:12 GMT
etag: "7e9-5e53a391af897"
accept-ranges: bytes
content-length: 2025
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
104.140.94.141 200 OK 957 B URL HTTP/2 www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
IP 104.140.94.141:0
File type PNG image data, 32 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f279c3b2b5e3710e8015b1404e433ba
b26452482d777a0f7059132e55ad3ef4756e269c
c945efa8ad91490e4ae5caa32260f7d64fe5732db591e6f96379a41b7200d9a4
GET /wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:41 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:00:14 GMT
etag: "3bd-5e53bd47f3983"
accept-ranges: bytes
content-length: 957
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/?wc-ajax=get_refreshed_fragments
104.140.94.141 200 OK 164 B URL HTTP/2 www.irvineeldercare.com/?wc-ajax=get_refreshed_fragments
IP 104.140.94.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9321f8c25b298fb366d0691ebe7a505c
46b09819b9a87ed18bd09b10e47a8ad536f2660c
02dd9606d7a707cb96c36867d89a9aef6732ea21cb79688233e2c31c6046fc42
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.irvineeldercare.com
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:41 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
pragma: no-cache
access-control-allow-origin: https://www.irvineeldercare.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 164
content-type: application/json; charset=UTF-8
X-Firefox-Spdy: h2
www.irvineeldercare.com/?wc-api=wpcf7customer&__v=1663220246559
104.140.94.141 200 OK 0 B URL HTTP/2 www.irvineeldercare.com/?wc-api=wpcf7customer&__v=1663220246559
IP 104.140.94.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?wc-api=wpcf7customer&__v=1663220246559 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 211
Origin: https://www.irvineeldercare.com
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:41 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/moment.js?ver=1.1.4
104.140.94.141 200 OK 0 B URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/moment.js?ver=1.1.4
IP 104.140.94.141:0
GET /wp-content/themes/editorialmag/assets/js/moment.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2091e-5e501a5d47897-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 31593
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
104.140.94.141 200 OK 0 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 104.140.94.141:0
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "255e-5e501a5d0a426-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3533
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/js/lightslider.min.js?ver=1.1.4
104.140.94.141 200 OK 0 B URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/js/lightslider.min.js?ver=1.1.4
IP 104.140.94.141:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/library/lightslider/js/lightslider.min.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=cqd8vcjo5c4698gn1dpngfvhj3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 05:37:40 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "3e97-5e501a5d493ef-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4945
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Signika+Negative%3A300%2C400%2C600%2C700%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=1.1.4
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Signika+Negative%3A300%2C400%2C600%2C700%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=1.1.4
IP 142.250.74.10:0
GET /css?family=Signika+Negative%3A300%2C400%2C600%2C700%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=1.1.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 05:37:40 GMT
date: Thu, 15 Sep 2022 05:37:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2