firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 20:15:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BHfKA-v7uC0YDtki7dE2HywhNk8THFJW2fDRdDLKSIiHYUC1W8ioAw==
Age: 277
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8479
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 20:19:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S25Taikzsv_Zms6LnaaJj_Iwa2McmeuF6cvya0taP4npr_pnq4jf9g==
age: 56669
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 20:19:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
irvineeldercare.com/
104.140.94.141 301 Moved Permanently 236 B IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c3aecfd550b176145307a13d5da0fd94
8fd1831b6a97451f2a5f93cf997673d8a24b2e6b
512d8fc58d0d9e7811da63a6c980a4df16b5dacf4a7215de4f2f694084911cec
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:43 GMT
Server: Apache/2
Location: https://irvineeldercare.com/
Content-Length: 236
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 20:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 20:18:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SOe8nob_vTy8diUXNnn9Njgo4Q8R-JhBOrfS3n-QgBvWN6BD-aYcOA==
Age: 927
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25d9d95669aff9a3699114f2b3898db2
f69067a38cb8d65997b938f9d7cf0325d70b4393
e5255a666f4b10106af95232cecc4a2c8ae6777a2274651d4220971285710aa6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5255A666F4B10106AF95232CECC4A2C8AE6777A2274651D4220971285710AA6"
Last-Modified: Sun, 25 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 26 Sep 2022 02:19:44 GMT
Date: Sun, 25 Sep 2022 20:19:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:19:44 GMT
Last-Modified: Sun, 25 Sep 2022 19:27:48 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.255.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
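Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of empty input: the response body is 0 B, so these digests match any empty response and identify nothing about this host.)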
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 16LhycgF6OLVhTyEHZTdqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ry73N8vFRzhgE+rXuxzfU5sFj2g=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19944
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 20:19:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19944
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 20:19:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19944
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 20:19:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v37Rjs_OtmFd6UKau0Flv_J6GAWTe0UdA8hXaDmmn6SmLXQbEHeBVQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 03:45:44 GMT
age: 59641
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 80236
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 81746
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a9f4d93ea4a06628bc31a00a9c4e692
27f05479fd4fbe68993748fdb043850807ddebdd
31b0809297c7e8acbb46b544cf6f3f4ffaa6bda7a8896fe8678fbfc839a115ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73844595-b7d7-4585-a846-ab38b27af847.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11435
x-amzn-requestid: e1288aca-0375-4ce8-9daa-81afe23c9c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_ETHE6oAMFqGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-01a836ab57a326356f838bfc;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X8xpMQCKuQGx46BrQ_851U0HhXIALy0k22WRO-zp8TuFhK0KaHItBw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "27f05479fd4fbe68993748fdb043850807ddebdd"
content-type: image/jpeg
age: 81759
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 80907
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbab0d089-95bd-4651-a13f-3229c2063991.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbab0d089-95bd-4651-a13f-3229c2063991.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef747f1f9a0ba61710d9241ce96b24b8
76ade0c3c0ba623c924212fb0942689339749e27
78c53067a0766d4be7b1428f5d668a47bcba5d4bce1682aa7a31ebf355eaffc8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbab0d089-95bd-4651-a13f-3229c2063991.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11724
x-amzn-requestid: 4a6a75b9-e171-4b1f-acb2-3579514cdb90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5t3jEiFIAMFYzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5cfc-6c724fa704ad6fe4020f14ee;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:15:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: G8OLxtfL0iOF7wqKUYG2uXrjNINxhgwZvOZ1Pz2-jwuG_TbNQdK68A==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:00:21 GMT
age: 44364
etag: "76ade0c3c0ba623c924212fb0942689339749e27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
irvineeldercare.com/
104.140.94.141 301 Moved Permanently 0 B IP 104.140.94.141:0
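Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of empty input: this redirect carries a 0 B body, so these digests match any empty response and should not be collected as file indicators for this host.)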
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 25 Sep 2022 20:19:44 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=mdhce0k4p0cqtej7v4ua086uu7; path=/
location: https://www.irvineeldercare.com/
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.irvineeldercare.com/
104.140.94.141 200 OK 16 kB IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1724), with CRLF, LF line terminators
Hash 4940141d87b59016beee5b94e298ebb0
23e118a4dcfb9d0ebcbe9365d60d324a91e918d1
68be7414221bb8af6fc88e08b098af107ce8714168cfd22bb298d3dc264a5a52
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:46 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
link: <https://www.irvineeldercare.com/wp-json/>; rel="https://api.w.org/", <https://www.irvineeldercare.com/>; rel=shortlink
set-cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 15483
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.23
104.140.94.141 200 OK 431 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.23
IP 104.140.94.141:0
Hash c2ea397c76a39b9111e1a8ea3c737b85
5fe3b685dab9734b0039701db8343e9b8cd33cc8
bf683f9172636a10c6ea2f9aed526f8a152ea317b133acc0cb2d2459d038361d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fma-product-custom-options/front/css/fmepco_front_style.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "4bf-5e501a5c6fb8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 431
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1
104.140.94.141 200 OK 623 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1
IP 104.140.94.141:0
Hash 9e3f8f252465b6106c5aec804d2d3d36
c5b74d79a69e2989e98bd231a2d43c6ab9229f97
7bbba87c71a99954bd443bc63cc4b9f71b3fb17c462c43cbd1b767fa0d5fd357
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.6.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "630-5e798533a2e76-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 623
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/customer.css?ver=4.7.23
104.140.94.141 200 OK 612 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/css/customer.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash 606f8aaf2cf6e15149de2d6b811106f1
f8ecc287f04c6273fdbc4ca0e1e722a09697f385
80e11e07cccf55f0f2755b5e645c92440c4e0f457af76d85bb50aad0805d4055
GET /wp-content/plugins/contact-form-7/includes/css/customer.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "76c-5e798533a2e76-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 612
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5
104.140.94.141 200 OK 2.2 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5
IP 104.140.94.141:0
File type ASCII text, with very long lines (16542), with no line terminators
Hash 7e972f6c1b2623731f8a00bac6c27b89
c74dbad6d727697f8a479e8928da654273abdc4b
56a3d5d9f218531f5135906f5c15990ae8a70bd8d09abe40588bab417504ee8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "409e-5e501a5d0698e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2157
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
104.140.94.141 200 OK 7.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (36280)
Hash 8e803265d12924cdf2e9b5e393eb384c
59b83e984e437abe07e57dd26bdf5b1206a7ccd7
6cc653068cb6eaee82faca8d49699215ac97db1b69cafa27599d2709987aac4d
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.3.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "8f21-5e501a5cf7f30-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7697
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:19:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5
104.140.94.141 200 OK 8.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5
IP 104.140.94.141:0
File type Unicode text, UTF-8 text, with very long lines (61714), with no line terminators
Hash 749b1a20d0728311d2a4d77164ed127c
84f788f17f12c0db4419ea76bef8185a9fa1f703
d87f53c8edf5f2aab26e835e1ba3f81b7278e2314e5cf2cad0de136c0db5c9bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "f120-5e501a5d0698e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8732
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.23
104.140.94.141 200 OK 332 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.23
IP 104.140.94.141:0
Hash 41225bdf9822ee5e476182c76b9a7273
e5cfb6011d658e6208283e8f9563c83f810ddeff
66d7c6e50c9e412f50d7aa0644945160d9dd0c2a6cc93a18157323ec878f5667
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-ajax-search/assets/css/yith_wcas_ajax_search.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "28e-5e501a5d2de72-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 332
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.7.23
104.140.94.141 200 OK 1.2 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash e0203ea95b7d996ae4f35d9cf7e0cd20
2e1baf04588385222014e7e904f61d104bddcb15
595c5566a8664be7d5a12c298102051410514315ad7b199f20f9fcc8df54a549
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "f20-5e501a5d33461-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1239
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.7.23
104.140.94.141 200 OK 1.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (9152), with no line terminators
Hash 23f9556c7654e2e5a83b2b436b102642
a1fe7b8fee22a0aabc9c015dabad637ec22ad1c6
873a70b9f1f9c101e7e399e8eddf1f92b67ccce457a94b9fac356c6a84b76bc5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "23c0-5e501a5d061be-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1921
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/css/dashicons.min.css?ver=4.7.23
104.140.94.141 200 OK 29 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/css/dashicons.min.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (46364), with no line terminators
Hash c3deda3e7fece967f2ccbd284ea13582
97463a1c50f1c8975116d5498806f24791b23fef
a7e9b2f080d9b676910cd9186c7f2ffd4066d61d0380a344c935fa349982aa10
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "b51c-5e501a5d7eb61-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 28612
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
104.140.94.141 200 OK 1.0 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 104.140.94.141:0
Hash 7f046eb8ca1a67b89dd74a47d03ffccf
66e28ae939b80ec7fd96c4b74b0c6777f14dc3a0
05a64429ad07959bd15ae2c23c63c32d318fdf3ebcbb0704a81f4c4364a18860
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "df4-5e501a5d3e040-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1027
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/css/lightslider.min.css?ver=4.7.23
104.140.94.141 200 OK 1.4 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/css/lightslider.min.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (5449)
Hash d5e6ad3b48507f661049c1e0a3bf5bb5
1c60b79a9627ebc4f20f1390633695a94cd2eee0
6c370e16e2b1d23d0edade1b050b2371d581b98366730c9c4931215d7d3ae8e7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/library/lightslider/css/lightslider.min.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "159e-5e501a5d49007-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1378
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.15
104.140.94.141 200 OK 2.8 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.15
IP 104.140.94.141:0
Hash c6818fedbc8642f8b16208eb300f65bd
821284e4a13943332d8c3c1bf05fb463c0fd3fa8
1ada8dde3db6bd94330a43ef42a03f022b87a16b17ed4982e164872b899da828
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=2.2.15 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "3ccd-5e501a5d3e040-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2848
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0
104.140.94.141 200 OK 955 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0
IP 104.140.94.141:0
Hash d4a59d85a543d7344746f9bbd79b18d3
64236cf986e649ea6c1f8387e1c0ea392602557e
e1a43ab9fcec9c445d945df580b82c7093968ecc11395b581bf0158b7e72d4c1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/newsletter/subscription/style.css?ver=4.8.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "13be-5e501a5caef3f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 955
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.23
104.140.94.141 200 OK 382 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash e5611b003aacbbc3ca958f31e2e48cbf
1449fb63049e03a2527968602874b0303a11f243
e9c21923a0fea4bcadc0372529d1cff69d1e7f91ad0bd1f08bceb41e11b97866
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woo-exchange-rate/assets/js/woo-exchange-rate.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "353-5e501a5d00bcf-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 382
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-a-camicia-uomo-woolrich-giacca-a-camicia-cruiser-in-eco-ramar-melton-blue.jpg
104.140.94.141 301 Moved Permanently 352 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-a-camicia-uomo-woolrich-giacca-a-camicia-cruiser-in-eco-ramar-melton-blue.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 168b175145a9b805151db273ded6ed75
6bc6807f65a30295945738919fbc2ebee57817bc
0adc090db04fddeb5cce8ce7a08b40d313d499443e0e795f619cf367f0718e27
GET /wp-content/uploads/2022/08/giacche-a-camicia-uomo-woolrich-giacca-a-camicia-cruiser-in-eco-ramar-melton-blue.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-a-camicia-uomo-woolrich-giacca-a-camicia-cruiser-in-eco-ramar-melton-blue.jpg
Content-Length: 352
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donnauomo-woolrich-borsa-tote-in-ripstop-military-green.jpg
104.140.94.141 301 Moved Permanently 354 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donnauomo-woolrich-borsa-tote-in-ripstop-military-green.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5385498b7661f5f478ca2186bcd6b83c
bd2f92b30ec1a4ecb043faf0703eef3a33f75e1c
5954b7c5247ade0859712bfb3ac3cc7438e3f18b612c8b9bb71a7027ccfca03f
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donnauomo-woolrich-borsa-tote-in-ripstop-military-green.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donnauomo-woolrich-borsa-tote-in-ripstop-military-green.jpg
Content-Length: 354
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/magliette-uomo-woolrich-maglietta-con-taschino-e-logo-in-rilievo-bright-white.jpg
104.140.94.141 301 Moved Permanently 348 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/magliette-uomo-woolrich-maglietta-con-taschino-e-logo-in-rilievo-bright-white.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4d1ac64144f6cea8c6c13a7948b07f2c
5024b689df2e4df814d11e867ba77aa6be3ca109
7d6bad085a63ad9b212a697f37b7e80b2e54a84ec97232c5c8c43c9b0ddd629f
GET /wp-content/uploads/2022/08/magliette-uomo-woolrich-maglietta-con-taschino-e-logo-in-rilievo-bright-white.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/magliette-uomo-woolrich-maglietta-con-taschino-e-logo-in-rilievo-bright-white.jpg
Content-Length: 348
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/camicie-uomo-woolrich-camicia-cruiser-in-flanella-con-motivo-check-gold-khaki-check.jpg
104.140.94.141 301 Moved Permanently 354 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/camicie-uomo-woolrich-camicia-cruiser-in-flanella-con-motivo-check-gold-khaki-check.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 51db56ebd689f2ff7b464045091b2b97
6b08c2a63e9ce689e34b14be8619f228bde18760
af868cc7527d33af341e6c04c1fe42fd3caff6f3298e5e0ac6dca73f328b0798
GET /wp-content/uploads/2022/08/camicie-uomo-woolrich-camicia-cruiser-in-flanella-con-motivo-check-gold-khaki-check.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/camicie-uomo-woolrich-camicia-cruiser-in-flanella-con-motivo-check-gold-khaki-check.jpg
Content-Length: 354
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/maglieria-donna-woolrich-top-halter-in-maglia-danic3ablle-cathari-woolrich-iris-yellow.jpg
104.140.94.141 301 Moved Permanently 357 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/maglieria-donna-woolrich-top-halter-in-maglia-danic3ablle-cathari-woolrich-iris-yellow.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5ef5a699d30deb228098d4242ccc78ea
6c7ccf46e6a758a480e36f4f4bd058fc11de0801
0b7e5cdc6bc43e4d29b75a811ae3d0a395caad2e26cf283a06d029a50e131f54
GET /wp-content/uploads/2022/08/maglieria-donna-woolrich-top-halter-in-maglia-danic3ablle-cathari-woolrich-iris-yellow.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/maglieria-donna-woolrich-top-halter-in-maglia-danic3ablle-cathari-woolrich-iris-yellow.jpg
Content-Length: 357
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-summer-parka-rusty-brown.jpg
104.140.94.141 301 Moved Permanently 326 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-summer-parka-rusty-brown.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7247449943815a69280980fde9b2ccd2
1f545317d553ae49c91c780fc383caafc5cb491d
599a0db07236948098a52770d257420e48c5d3423b781222390fcd7cc8156d0a
GET /wp-content/uploads/2022/08/water-resistant-donna-woolrich-summer-parka-rusty-brown.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-summer-parka-rusty-brown.jpg
Content-Length: 326
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
104.140.94.141 200 OK 351 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1
IP 104.140.94.141:0
Hash caa6ca5d23d1adf35e63b219631fff8e
786acb0cf5a9033939c4c4b8f5c4109e2e15401f
50973c0a98e9463c4417b2ccd9424a5f89a9924b80878548f19422b25d23d901
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "37f-5e501a5c7ab55-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 351
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5
104.140.94.141 200 OK 954 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5
IP 104.140.94.141:0
File type HTML document, ASCII text, with very long lines (2650), with no line terminators
Hash d33c92fb39e6857fb94d0600dddbf835
8bf1177733f682c378b8966e1d85ce774da10bb4
5202e044fcab9fbfc1c01085ac5fb6efead3bcbd1a48fc229f5749f5d8d4a6f2
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "a5a-5e501a5d09c56-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 954
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.23
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (3019)
Hash dfa1dc2c69e232f53c517dd2601508e3
7d8b55891db0121063d1566edfff0677fa657280
f89e903256da13d6baa2a8d581954094490b1bbf163edf3633d10fb5fc96184c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/fma-product-custom-options/front/js/accounting.min.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "c4f-5e501a5c6fb8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1304
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/customer.js?ver=4.7.23
104.140.94.141 200 OK 1.5 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/customer.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash d891908f72a5186afe58eb444b5f760f
9d2ad224449ec09dc8baf103260afe852a0093ec
5d63662cce5a394195eaa450a9ed853455750d9ea15f00cba1eab05713183e06
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/customer.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "16a2-5e798533a1ed6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1530
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/utils.js?ver=4.7.23
104.140.94.141 200 OK 2.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/utils.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash 5bc54f98bdc4d9364767615e0bbfbdee
d8a3cc2023f5075ac529125d96a61af5ed4f558e
30c4eeae124d71596809a4f6eae5daed5f807e2ea08782793f2aa7610a2e38cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/utils.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "2565-5e798533a1ed6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2087
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (10490), with no line terminators
Hash c3152306080f8c2af0a55d6c99e0ed37
cdfd2c1d4bc3fb0dc4b18454bee088412a415956
da58870f9556728f192782a0e6be3d7863b69b20be0c790af9ef5fb7ef7d1577
GET /wp-content/plugins/js-composer/assets/lib/vc_carousel/css/vc_carousel.min.css?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "28fa-5e501a5c82c3c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1322
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
104.140.94.141 200 OK 4.0 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2748-5e501a5d83599-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4014
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/css/responsive.css?ver=4.7.23
104.140.94.141 200 OK 4.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/css/responsive.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash be490526b0ade20c072170658ae4357f
1821d61501182957b2c9b7bb8e5d6c157dcac9b9
e50b62475bdedd6182d7c20cabb8d4877b4c73bf6b3f8440dca88b7dbb7ec31d
GET /wp-content/themes/editorialmag/assets/css/responsive.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "6921-5e501a5d470c7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4297
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
104.140.94.141 200 OK 7.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
IP 104.140.94.141:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "7918-5e501a5d3e040-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 7053
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
104.140.94.141 200 OK 6.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (28824)
Hash 493398c5b021c6f1679b5faa7c9d33ae
1bd77a073f3d85adcf06856da80009a1cc4a11d3
31f324dd068c29c50c9af1334d7f461686d51c12435895e5e87e83d387917fb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "713a-5e501a5c7f974-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6684
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
104.140.94.141 200 OK 591 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5
IP 104.140.94.141:0
File type ASCII text, with very long lines (1402), with no line terminators
Hash 4380e7ab9aa888e12cb1a391b71638ae
718403244f48059dff634871c056679d6e2fc3e4
a2ceba8511849f4dbaaa2e9b84e6e163e77bc8916c817441fd90d62fba616e5c
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "57a-5e501a5d0a426-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 591
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
104.140.94.141 200 OK 981 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 104.140.94.141:0
File type ASCII text, with very long lines (1680)
Hash 2238631cf6be3be50e2ab84374f6381d
f1525686e4d6b7d39727aaf30db49ac9b2bc3fa8
8e46659318c5590dc20944c2d2464b93a06a89e0a4f7353112da4cf06bc213e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "736-5e501a5d0afdd-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 981
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
104.140.94.141 200 OK 924 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5
IP 104.140.94.141:0
File type ASCII text, with very long lines (2568), with no line terminators
Hash 555b56286f56c3905c9a14f1b85ab351
b0c6bd020ac99a78c0d6021a2e545a0b6c54e158
eb46cf16fdee6b9e1e479e949803dccd534d6c28268d4658195558267f7884ea
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.4.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "a08-5e501a5d09c56-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 924
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
104.140.94.141 200 OK 17 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (32020)
Hash b4f339e585bebafaae991720d64258d2
3bf8770cd493a8a6a3b4dc8a29a59b5d1265ef2b
e24cd90428b398498930396ba83c13bad996508f3f1dc9e65a7948ef1ddbac6c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.3.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "f3b0-5e501a5cfb1f7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 17235
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/skip-link-focus-fix.js?ver=20151215
104.140.94.141 200 OK 417 B URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/skip-link-focus-fix.js?ver=20151215
IP 104.140.94.141:0
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2ad-5e501a5d47897-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 417
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/style.css?ver=4.7.23
104.140.94.141 200 OK 20 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/style.css?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (1092)
Hash 7fd45e6d35d266408dee58345c081b15
9e822e95a566900e1549481ece6083fc4281fd4d
941a41bb878f0685f26d85f398101d399cfe1bdf71cdef4f8f18e6931eddfa5d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/style.css?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1b8f3-5e501a5d4ab5f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19462
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/navigation.js?ver=20151215
104.140.94.141 200 OK 1.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/navigation.js?ver=20151215
IP 104.140.94.141:0
Hash 7eec6995203e3994a2714c41a388df66
99c08555971c9962b5ade2806e05ed29d0f00258
040c47ba29f4c8eefa8d359cd715eadc0888aa080ce6187a23b8eb8852bc54b9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/js/navigation.js?ver=20151215 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "b97-5e501a5d47897-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1094
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
104.140.94.141 200 OK 464 B URL HTTP/2 www.irvineeldercare.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (1087), with no line terminators
Hash 8f4371b1904703da700396e57cc2851a
f54f9c7e30117a26c096246800ad37684c3bb0f1
a90b06b6d4dc6446fd5e62dda1ae66d75edac1358c6abf8fadd1729d6e35f3ae
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "43f-5e501a5d831b1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 464
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-donna-woolrich-gilet-ellis-imbottito-lungo-in-microfibra-black.jpg
104.140.94.141 301 Moved Permanently 339 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-donna-woolrich-gilet-ellis-imbottito-lungo-in-microfibra-black.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24ed3049ee1c8d2bfebde8325770b8dc
86729423d658fb3e1f2a1b09a89320d367a8ff63
e11cd5de76cf00f177ae03a4a4cdb82dab11fa53f06289fbfd645f5f0652026b
GET /wp-content/uploads/2022/08/gilet-donna-woolrich-gilet-ellis-imbottito-lungo-in-microfibra-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-donna-woolrich-gilet-ellis-imbottito-lungo-in-microfibra-black.jpg
Content-Length: 339
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-giacca-pequea-in-jersey-elasticizzato-juice.jpg
104.140.94.141 301 Moved Permanently 345 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-giacca-pequea-in-jersey-elasticizzato-juice.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 33db22fe1c0606a5b233dae6e41a11db
e5e280c3a04462cf9753310a9968a0f397572679
1f24930dccf7f298b83efbb767fabdb028baa55e6a9f6ba9cb64cef2ac0b2f75
GET /wp-content/uploads/2022/08/water-resistant-donna-woolrich-giacca-pequea-in-jersey-elasticizzato-juice.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-giacca-pequea-in-jersey-elasticizzato-juice.jpg
Content-Length: 345
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/accessori-per-cani-donnauomo-woolrich-parka-per-cani-di-taglia-grande-temelliniwoolrich-brown-olive.jpg
104.140.94.141 301 Moved Permanently 370 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/accessori-per-cani-donnauomo-woolrich-parka-per-cani-di-taglia-grande-temelliniwoolrich-brown-olive.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c3d49d992230b25d966c752fbbff108a
59698ec2076c03c6b57bb33d43110061aa47294d
dd9106afbc993f8f079fc5ac04e1a29c14838b39a780d3585fbb66879949bacc
GET /wp-content/uploads/2022/08/accessori-per-cani-donnauomo-woolrich-parka-per-cani-di-taglia-grande-temelliniwoolrich-brown-olive.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/accessori-per-cani-donnauomo-woolrich-parka-per-cani-di-taglia-grande-temelliniwoolrich-brown-olive.jpg
Content-Length: 370
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
104.140.94.141 301 Moved Permanently 340 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3865fd2748d0116f9860edb14c05d42c
03704661205321a35159e406b9b3b5a35a086692
5273f2093f12d49240d1349d51895be8966eea22f02134f6b1147c5e6e67f9b3
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:48 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
Content-Length: 340
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1
104.140.94.141 200 OK 333 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (656), with no line terminators
Hash b6e601276758da760c48a68a1c1c7098
d4b73cdd4c315b383748f0715d56d10aea537292
833db43661633b5c8d55a6d12bf8c0b19c340661375630cac4e9f5d778b0d5bb
GET /wp-content/plugins/js-composer/assets/lib/vc_carousel/js/transition.min.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "290-5e501a5c8340c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 333
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0
104.140.94.141 200 OK 374 B URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0
IP 104.140.94.141:0
Hash 6cb6dfce35465e6c0296aec28003bc49
9910c85cd65eee965ac4f673309bf01689d92d5e
a35824fd55cab76bf80dd58daa699665e0719bd2913012af360d75bb4055d081
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/newsletter/subscription/validate.js?ver=4.8.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "441-5e501a5caef3f-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 374
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/wp-embed.min.js?ver=4.7.23
104.140.94.141 200 OK 735 B URL HTTP/2 www.irvineeldercare.com/wp-includes/js/wp-embed.min.js?ver=4.7.23
IP 104.140.94.141:0
File type ASCII text, with very long lines (1386), with no line terminators
Hash d2b60c1231015fbb2cfb0680a4fdfc87
2964b5bc32aad38d53ba3063503711c5cb6006ed
a83053c9a437c08c7d62ae9b07cf680d43a3ad129de64633eee91a860fab7844
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=4.7.23 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "56a-5e501a5d8a6e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 735
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.16
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.16
IP 104.140.94.141:0
File type ASCII text, with very long lines (4528), with no line terminators
Hash 1120cd5b0edd556b7f9e55ddb7590130
ab56b011fd9fdd5c7d34d3bd8b91f9935d9f5e17
debc926596bb3db188ba7bf42b6376c63df9eecd6825ff949d0d4b26310d8ddd
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.3.16 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "11b0-5e501a5d35b71-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1322
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
104.140.94.141 200 OK 2.4 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP 104.140.94.141:0
File type ASCII text, with very long lines (7855), with no line terminators
Hash d32403263bb01c17b9b69d3f9d01f3fc
6a7810f026de39a8d37516d2ec56aabaf4f39cab
9c50bd091d05620a8c6678d800cb50bf64c862102a33b4ad19f914ceaa0b02cd
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1eaf-5e501a5d831b1-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2435
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/jquery-match-height/js/jquery.matchHeight-min.js?ver=1.1.4
104.140.94.141 200 OK 1.4 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/jquery-match-height/js/jquery.matchHeight-min.js?ver=1.1.4
IP 104.140.94.141:0
File type ASCII text, with very long lines (521)
Hash 6854ce63cc086200aa71576b39853b9e
730966815d508402656927acbe9cec04ade5653d
aa723b8c98664c269cce42764cb97dc72e0c76b21565532a68767f6f11c4c5ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/library/jquery-match-height/js/jquery.matchHeight-min.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "d34-5e501a5d49007-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1383
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1.1.4
104.140.94.141 200 OK 1.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1.1.4
IP 104.140.94.141:0
File type HTML document, ASCII text, with very long lines (5088)
Hash e5c798ea25ca01453dc79aae8c198d54
d3695c600ca7cffd5775eacbca5c64ad60c14250
c9b7688f87f9f80727e123e632bfc2755c265fd4a844964d7f73a7a937c137cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/library/theia-sticky-sidebar/js/theia-sticky-sidebar.min.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "141b-5e501a5d493ef-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1688
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/editorialmag-custom.js?ver=1.1.4
104.140.94.141 200 OK 1.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/editorialmag-custom.js?ver=1.1.4
IP 104.140.94.141:0
File type ASCII text, with CRLF line terminators
Hash ac64966c7e310ae25cf0275cc9eb8b41
9ecbfa67407ce4fa2dac80c6015490a0946ba990
b5bb908d8062f96d9b7f35a8fbd39426c17b7998064ee4c23151098c18d999b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/editorialmag/assets/js/editorialmag-custom.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1208-5e501a5d474af-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1340
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
104.140.94.141 200 OK 34 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 104.140.94.141:0
File type ASCII text, with very long lines (31997)
Hash 6b2ceda6218e6810713286b29db017fb
71175271d84c90ca5f05ecc04d7f7a1052873380
de7a4d9a1cb75f0d1a4bf1a71907a44b85b9356da5c4f9e7f6729b8e69a38974
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "17a6a-5e501a5d83981-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 33776
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7
104.140.94.141 200 OK 3.6 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7
IP 104.140.94.141:0
File type ASCII text, with very long lines (542)
Hash d171f0b57f67e731714e976d7e3effc9
d5db7ce71689da030335986004af8c8e7f7e346e
bbed2067b39d1d8e094f4431aff18ad239d04a186f28b33f7c8575342c3ce26f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-ajax-search/assets/js/yith-autocomplete.min.js?ver=1.2.7 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2b0d-5e501a5d2ea2a-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3589
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.15
104.140.94.141 200 OK 2.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.15
IP 104.140.94.141:0
File type ASCII text, with very long lines (577)
Hash e12a60dec5d61df3408909a871b18ffc
e22dd480505e9b58429edc4909f1cde52f8f1979
4185d63eb8155c9dd7cea4e8f4289cd06da20a46e6c62058f58de840f6f05318
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=2.2.15 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2962-5e501a5d40f20-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2883
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1
104.140.94.141 200 OK 3.3 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1
IP 104.140.94.141:0
Hash f28669a20d210fe8c593b9725104c1b7
6d586214dbf036816d4dafe692f8f8a7d5858036
57bdceafb5ff0e7b7197cbf718ed13f0fd5df080b0de582ddb81f1bf7189f5e5
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.6.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "2fa1-5e798533a1ed6-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3284
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
104.140.94.141 200 OK 37 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (27184)
Hash e83d81b6547dd15c59902a0b9c2776d0
6ba51781f5fcef943248cf43e3c23b0581df3361
02f700a3cdebd355831d895b3227940e8b8d6b868f3b4a3332d6a76dea0df5c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.3.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "1a376-5e501a5cfb1f7-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 37333
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5
104.140.94.141 200 OK 2.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5
IP 104.140.94.141:0
Hash fb6a591695ce9b9fcbc9cafc54b88a01
dd828f4578cddb02d22c5eb32b3844543a7df97d
ac6dca8acc10ba7065c9521c3e55e4691fcbc8ee8ab0699bbc38f4b8fa5aa479
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.3.5 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "3afa-5e501a5c98bca-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2888
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1
104.140.94.141 200 OK 2.8 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (9722), with no line terminators
Hash 1e4f92f6d5a02bb0b135ae4afa8811a4
d36d18e2b4f65bb8ffba922e35cebdbda7198496
d5f91ef61a45b28d9445ecdb68247d403b4f9bfe470ca18d33f5f2cce207672f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/lib/vc_carousel/js/vc_carousel.min.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "25fa-5e501a5c8340c-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2761
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
104.140.94.141 200 OK 4.7 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 104.140.94.141:0
File type ASCII text, with very long lines (11827), with CRLF line terminators
Hash 78c76807cd811863da1aa05b64d5dd44
f01d2bf2dcf836c5def865724536f9258dc49d97
38b040a1996c581d9956b5193bf2f8922ce9ae0fcf4aa0e4d866395afb734279
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2e81-5e501a5d35789-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4715
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
104.140.94.141 200 OK 4.0 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 104.140.94.141:0
File type ASCII text, with very long lines (15658)
Hash 6ea9b5bb25153f388b207e7ace2fd8f3
996696f49fa1da27c5bdaa9ad137dbb07ee48463
41d7aef81db85a75a0a668f3f8235ce54665afc804dfe36c7f2fddc6e43fd224
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "3d78-5e501a5d40f20-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4006
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
104.140.94.141 200 OK 5.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
IP 104.140.94.141:0
File type ASCII text, with very long lines (14900)
Hash ebcf9ad4a94d5c31649dd4515ad0c7c0
e219102aa3fe113876fd76b578f9ea142d67d967
5af8e42123fc03e9a53e6fe91d95c64591e63d3c1f27703a24966154d7784747
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Thu, 01 Sep 2022 07:11:40 GMT
etag: "3b90-5e798533a2a8e-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5860
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
104.140.94.141 200 OK 5.9 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 104.140.94.141:0
File type ASCII text, with very long lines (21592), with no line terminators
Hash e7ea1633b959bbaaae6977cc8576e0fd
9647a1164a2ea96dc87c396decea74be81276530
2b552dac8d5fb1334c0ab4061deb1d7e4b841dad3a7eec49fe832dfbf84629e5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "5458-5e501a5d0b3c5-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5851
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
104.140.94.141 200 OK 5.6 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (19302), with no line terminators
Hash 0efafbecce64312aea66b69f8ddcbbec
c34c4d59473aad7412257096b121fd752d7f13b6
19ecff382e9045abee99b4532cfb142f73a5cafe586cb7caf53f105a8ac91ce6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/js/dist/js_composer_front.min.js?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "4b66-5e501a5c79f9d-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5606
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-includes/js/masonry.min.js?ver=3.3.2
104.140.94.141 200 OK 8.5 kB URL HTTP/2 www.irvineeldercare.com/wp-includes/js/masonry.min.js?ver=3.3.2
IP 104.140.94.141:0
File type ASCII text, with very long lines (28817)
Hash 25309b355cc141316c0cc8040bc53ec4
fa8fe7646937a6bae2204aa0b099a498c4d84766
2401e0a375cf7f6a4a278bd0ed84ac2b16c8e17d672634944a7f8c3934042f1c
GET /wp-includes/js/masonry.min.js?ver=3.3.2 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "711a-5e501a5d84921-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 8525
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1
104.140.94.141 200 OK 44 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1
IP 104.140.94.141:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 093022cbb463574a78112bc1315e62d9
f6cab15675e35bca525d43a70ac20eed35d4cc74
69e831c5926dbf97dd3b6a38d722420eb2ab480320ec478194e6919392271a09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js-composer/assets/css/js_composer.min.css?ver=5.0.1 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "700bd-5e501a5c741dd-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 44397
content-type: text/css
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/moment.js?ver=1.1.4
104.140.94.141 200 OK 32 kB URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/js/moment.js?ver=1.1.4
IP 104.140.94.141:0
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF, CR line terminators
Hash fec157f6220cd37724f71820dc93475d
659da1b5326f1d746a05103536a2774e4bc11843
1f204d5332aa648511bd2398421f2cf005454d9e79737989ee8a5a8d78b0436d
GET /wp-content/themes/editorialmag/assets/js/moment.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "2091e-5e501a5d47897-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 31593
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/woolrich-logo1.png
104.140.94.141 200 OK 16 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/woolrich-logo1.png
IP 104.140.94.141:0
File type PNG image data, 210 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ad988dbf2c84529125ef17cc4791d43
6ae0c9f82cb0def8e24e6a9080798104b3ea1eb3
e152ea8720665af66af7fbeede20e2a8f3e7cc1eedbf9b818f01168f18caa5d4
GET /wp-content/uploads/2022/08/woolrich-logo1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 04:05:26 GMT
etag: "3fac-5e53a39ed8588"
accept-ranges: bytes
content-length: 16300
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/magliette-uomo-woolrich-maglietta-con-taschino-e-logo-in-rilievo-bright-white.jpg
104.140.94.141 200 OK 35 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/magliette-uomo-woolrich-maglietta-con-taschino-e-logo-in-rilievo-bright-white.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash 9ba09ff0d086f594a9158268ec169f02
093dcdde89a016a483237ad1d50c7c6f86fb9773
831d2e7c42fa377cc193d8b78ff07e7b8bcc9c7a3ce37b5076fa6d96489db434
GET /wp-content/uploads/2022/08/magliette-uomo-woolrich-maglietta-con-taschino-e-logo-in-rilievo-bright-white.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:34:29 GMT
etag: "8771-5e52831244434"
accept-ranges: bytes
content-length: 34673
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-a-camicia-uomo-woolrich-giacca-a-camicia-cruiser-in-eco-ramar-melton-blue.jpg
104.140.94.141 200 OK 78 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/giacche-a-camicia-uomo-woolrich-giacca-a-camicia-cruiser-in-eco-ramar-melton-blue.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash 493e68e00dcfacd15eb099b07c2bbefb
4f16cc86010bcd01dd7ae9f9861e4f96897737c3
c0d82280758482b231693392dc06a6368adb8524f8ab9fb6a4b156f5f8b2cd71
GET /wp-content/uploads/2022/08/giacche-a-camicia-uomo-woolrich-giacca-a-camicia-cruiser-in-eco-ramar-melton-blue.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:19:13 GMT
etag: "1324a-5e527fa89de70"
accept-ranges: bytes
content-length: 78410
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donnauomo-woolrich-borsa-tote-in-ripstop-military-green.jpg
104.140.94.141 200 OK 102 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donnauomo-woolrich-borsa-tote-in-ripstop-military-green.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 102 kB (101486 bytes)
Hash eefc3985bd8b59e103c94f816273145d
357ee5fff3ae3a6acde78c5ae58b7d076e755675
97e83adf3cb4bf2107ac3f19d923bdc7bdf957c8c2c79293324e038a0a6d729d
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donnauomo-woolrich-borsa-tote-in-ripstop-military-green.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:38:48 GMT
etag: "18c6e-5e52840972687"
accept-ranges: bytes
content-length: 101486
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/accessori-per-cani-donnauomo-woolrich-parka-per-cani-di-taglia-grande-temelliniwoolrich-brown-olive.jpg
104.140.94.141 200 OK 64 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/accessori-per-cani-donnauomo-woolrich-parka-per-cani-di-taglia-grande-temelliniwoolrich-brown-olive.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Hash 2d7d532713db7f4a53dedd8eaa2a83ec
971ecb4001e32fbbb2e8afb5302aa4036459e71d
2bed2640c523c013af16f2d2a88d39a4e5e615f8f6fea568bd53cf676bd62844
GET /wp-content/uploads/2022/08/accessori-per-cani-donnauomo-woolrich-parka-per-cani-di-taglia-grande-temelliniwoolrich-brown-olive.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:30:35 GMT
etag: "fbd4-5e528232b93af"
accept-ranges: bytes
content-length: 64468
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-summer-parka-rusty-brown.jpg
104.140.94.141 200 OK 114 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-summer-parka-rusty-brown.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 114 kB (114037 bytes)
Hash 0518b19126b28c4aae19d91ed14212bb
e58221611c6332d177c5f1d2befff6063d643cb3
f1ee05eed5542a13d61e288de19b18c71255b8b0dce91eb214259263999043b4
GET /wp-content/uploads/2022/08/water-resistant-donna-woolrich-summer-parka-rusty-brown.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:16:37 GMT
etag: "1bd75-5e527f14088ed"
accept-ranges: bytes
content-length: 114037
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-donna-woolrich-gilet-ellis-imbottito-lungo-in-microfibra-black.jpg
104.140.94.141 200 OK 100 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/gilet-donna-woolrich-gilet-ellis-imbottito-lungo-in-microfibra-black.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 100 kB (100444 bytes)
Hash 63ffc410887c8c9b99be86fd8167218f
92d5f02ec22d3cd74527f700f4ab74ab02f31ca2
b2a9589c3912662a7390fa2b0fc67a84549c02f56a54e71713e6dad2e08d6375
GET /wp-content/uploads/2022/08/gilet-donna-woolrich-gilet-ellis-imbottito-lungo-in-microfibra-black.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:06:24 GMT
etag: "1885c-5e527ccb4167b"
accept-ranges: bytes
content-length: 100444
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-giacca-pequea-in-jersey-elasticizzato-juice.jpg
104.140.94.141 200 OK 101 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/water-resistant-donna-woolrich-giacca-pequea-in-jersey-elasticizzato-juice.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 101 kB (100925 bytes)
Hash 9d60b2329505e2e76655609c82a576d4
6948e116afdbe54c8f4926e4f02e2b01a86da17b
f42ffd3c2f02255d268beff0d3715137ddd0fed3bde9a63e2ba982fb7385a3f3
GET /wp-content/uploads/2022/08/water-resistant-donna-woolrich-giacca-pequea-in-jersey-elasticizzato-juice.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:17:20 GMT
etag: "18a3d-5e527f3d2faf7"
accept-ranges: bytes
content-length: 100925
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
104.140.94.141 200 OK 113 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 113 kB (113252 bytes)
Hash 7e8146205a57f6d15866c808eae83779
b6305db6dd1e5122fc1ce8eaa9775ac2fabf881d
034bf97660b2208017194ae13b33e8df3a47ca19d71e00bd71e14599cc1655f6
GET /wp-content/uploads/2022/08/borse-e-piccola-pelletteria-donna-woolrich-borsa-tote-in-tela-natural.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:39:24 GMT
etag: "1ba64-5e52842b4a007"
accept-ranges: bytes
content-length: 113252
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/camicie-uomo-woolrich-camicia-cruiser-in-flanella-con-motivo-check-gold-khaki-check.jpg
104.140.94.141 200 OK 223 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/camicie-uomo-woolrich-camicia-cruiser-in-flanella-con-motivo-check-gold-khaki-check.jpg
IP 104.140.94.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1200, components 3\012- data
Size 223 kB (222749 bytes)
Hash 18abd9a7fa27cd35681c811491e72014
b56f02957067cfd059b028b0c117cd39a8055855
9483d185ef4a2c80fee47fafb0bccf2852bdc10e135f80cadd768a9ed6ac3033
GET /wp-content/uploads/2022/08/camicie-uomo-woolrich-camicia-cruiser-in-flanella-con-motivo-check-gold-khaki-check.jpg HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Mon, 01 Aug 2022 06:31:43 GMT
etag: "3661d-5e5282741c4c6"
accept-ranges: bytes
content-length: 222749
content-type: image/jpeg
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/45637700_10158106387959966_3073163333533171712_n1.png
104.140.94.141 200 OK 424 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/45637700_10158106387959966_3073163333533171712_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 424 kB (424375 bytes)
Hash 4f0d85822abe570844ca9ddf40066ada
2bcf66494d9514f00c014abdc3da799483a88943
de1a3a11e20cc07cfd87fad430912bab96a677df8dd9671a022f6d3db6398b4d
GET /wp-content/uploads/2022/08/45637700_10158106387959966_3073163333533171712_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:52:33 GMT
etag: "679b7-5e53c8f9de5e0"
accept-ranges: bytes
content-length: 424375
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
104.140.94.141 200 OK 1.1 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 104.140.94.141:0
File type ASCII text, with very long lines (6758), with no line terminators
Hash bac3c679da4930209be92b338cb74b7f
1a18633b3aecdcb7146475a1f6a90c58058f9e9b
b5b63cee0120e4cf9a183bab0905af9d4fa8712d4afef4d0b7d7c0f914ae26b3
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "255e-5e501a5d0a426-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3533
content-type: application/javascript
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/53832784_2239251702955963_7213939100288548864_n1.png
104.140.94.141 200 OK 458 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/53832784_2239251702955963_7213939100288548864_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 458 kB (458106 bytes)
Hash 0bb8c470c058104c6dd60d12e12ef2e4
bc87ad0c1c7bcbdbbbf7bd419a97e34c79c4ac5d
47e148f9c5dcafad70bfb5b895fc9476774fb35f00b9685b918965be3e941f11
GET /wp-content/uploads/2022/08/53832784_2239251702955963_7213939100288548864_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:50:56 GMT
etag: "6fd7a-5e53c89cac57f"
accept-ranges: bytes
content-length: 458106
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
104.140.94.141 200 OK 72 kB URL HTTP/2 www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 104.140.94.141:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
GET /wp-content/plugins/js-composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.irvineeldercare.com/wp-content/plugins/js-composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.0.1
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:49 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:22 GMT
etag: "118d8-5e501a5c80cfc"
accept-ranges: bytes
content-length: 71896
vary: Accept-Encoding,User-Agent
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/274542497_10161894354874966_3440929249583224645_n1.png
104.140.94.141 200 OK 590 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/274542497_10161894354874966_3440929249583224645_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 590 kB (590312 bytes)
Hash 13b8c3ab89a44c0b9c3d09f0599e1aaa
b202c18722e4ab47744eb8de6309ef85fc003181
15c1c953a954fc5f889e0151174920648a1442052a55e084dcaebc5505387dd3
GET /wp-content/uploads/2022/08/274542497_10161894354874966_3440929249583224645_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:55:33 GMT
etag: "901e8-5e53c9a521b68"
accept-ranges: bytes
content-length: 590312
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/277670596_10161949938849966_6858598286180180588_n1.png
104.140.94.141 200 OK 703 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/277670596_10161949938849966_6858598286180180588_n1.png
IP 104.140.94.141:0
File type PNG image data, 550 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 703 kB (703276 bytes)
Hash 2ea10da8413e624a94ef7846c9e21339
9a0fc72ee8513621f41b5545ec6ccbef4eae9260
a8e4fd4a67957a30c89fca4bac269bad2402aae456a1ca924b0ac34963517900
GET /wp-content/uploads/2022/08/277670596_10161949938849966_6858598286180180588_n1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:56:46 GMT
etag: "abb2c-5e53c9ea79732"
accept-ranges: bytes
content-length: 703276
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/12322564_10154430580629966_6111676659585967825_o1.png
104.140.94.141 200 OK 824 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/12322564_10154430580629966_6111676659585967825_o1.png
IP 104.140.94.141:0
File type PNG image data, 1200 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 824 kB (824400 bytes)
Hash 418c406e1d22232b0757423bf1c224e8
252cc9235d0783d09ea0639704b08cf710d2b0e1
7da105448882db15a0ce200e70314d475f8189aa40c4f2dd95f701d8b070f5e2
GET /wp-content/uploads/2022/08/12322564_10154430580629966_6111676659585967825_o1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 09:37:46 GMT
etag: "c9450-5e53ede770990"
accept-ranges: bytes
content-length: 824400
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/12186239_10154345370374966_7805643961138644739_o1.png
104.140.94.141 200 OK 1.0 MB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/12186239_10154345370374966_7805643961138644739_o1.png
IP 104.140.94.141:0
File type PNG image data, 1200 x 550, 8-bit/color RGBA, non-interlaced\012- data
Size 1.0 MB (1009218 bytes)
Hash b8c591208dcd1ec297ad1b30cd77b1ed
1e07e4bd8782a02e09f49951b26c6de67ca086bb
0915f28a56baaaca45fa73e44f1def3e1939d2b18e0f143e8f0fa77d387d7b64
GET /wp-content/uploads/2022/08/12186239_10154345370374966_7805643961138644739_o1.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 09:37:57 GMT
etag: "f6642-5e53edf245b81"
accept-ranges: bytes
content-length: 1009218
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
104.140.94.141 301 Moved Permanently 284 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1f2721485eb75a831596bc165927fefb
953cde1aadff50bdd8bcf64b51aa1bbe717937df
8c70b6ed63b0c620cc5dd0329bda75ba085b7a095f4bd65ac63347ef75c7d1a1
GET /wp-content/uploads/2022/08/favicon-96x96.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:50 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
Content-Length: 284
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
104.140.94.141 301 Moved Permanently 299 B URL HTTP/1.1 www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
IP 104.140.94.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5e9043648886b71231bcf42ddb349042
2a2a0c9f8bccc9b132bbde00af76ba0da105593b
b409cd56fcd3e7704d470f1c40ed069e61763b209dfd3b5d3624ca5a799ebb5d
GET /wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 20:19:50 GMT
Server: Apache/2
Location: https://www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
Content-Length: 299
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.irvineeldercare.com/?wc-ajax=get_refreshed_fragments
104.140.94.141 200 OK 164 B URL HTTP/2 www.irvineeldercare.com/?wc-ajax=get_refreshed_fragments
IP 104.140.94.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9321f8c25b298fb366d0691ebe7a505c
46b09819b9a87ed18bd09b10e47a8ad536f2660c
02dd9606d7a707cb96c36867d89a9aef6732ea21cb79688233e2c31c6046fc42
Analyzer | Verdict | Alert — fortinet | Malware (only two of the three column values survive in this capture)
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.irvineeldercare.com
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:49 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
pragma: no-cache
access-control-allow-origin: https://www.irvineeldercare.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 164
content-type: application/json; charset=UTF-8
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
104.140.94.141 200 OK 2.0 kB URL HTTP/2 www.irvineeldercare.com/wp-content/uploads/2022/08/favicon-96x96.png
IP 104.140.94.141:0
File type PNG image data, 80 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 4957d80a725c8f31859945c9ac011a46
c369bfd1265c21c3c5a6004396c89a85abaed26f
c2966a59dc64cda1dd6262b1241ad2ea199ef4c849835db8861086501a4214dd
GET /wp-content/uploads/2022/08/favicon-96x96.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:50 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 04:05:12 GMT
etag: "7e9-5e53a391af897"
accept-ranges: bytes
content-length: 2025
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
104.140.94.141 200 OK 957 B URL HTTP/2 www.irvineeldercare.com/wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png
IP 104.140.94.141:0
File type PNG image data, 32 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f279c3b2b5e3710e8015b1404e433ba
b26452482d777a0f7059132e55ad3ef4756e269c
c945efa8ad91490e4ae5caa32260f7d64fe5732db591e6f96379a41b7200d9a4
GET /wp-content/cache/thumbnails/2022/08/favicon-96x96-32x32.png HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:50 GMT
server: Apache/2
last-modified: Tue, 02 Aug 2022 06:00:14 GMT
etag: "3bd-5e53bd47f3983"
accept-ranges: bytes
content-length: 957
content-type: image/png
X-Firefox-Spdy: h2
www.irvineeldercare.com/?wc-api=wpcf7customer&__v=1664137187774
104.140.94.141 200 OK 0 B URL HTTP/2 www.irvineeldercare.com/?wc-api=wpcf7customer&__v=1664137187774
IP 104.140.94.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?wc-api=wpcf7customer&__v=1664137187774 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 211
Origin: https://www.irvineeldercare.com
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:49 GMT
server: Apache/2
x-powered-by: PHP/5.6.40
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:16:33 GMT
age: 43399
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/js/lightslider.min.js?ver=1.1.4
104.140.94.141 200 OK 0 B URL HTTP/2 www.irvineeldercare.com/wp-content/themes/editorialmag/assets/library/lightslider/js/lightslider.min.js?ver=1.1.4
IP 104.140.94.141:0
Analyzer | Verdict | Alert — fortinet | Malware (only two of the three column values survive in this capture)
GET /wp-content/themes/editorialmag/assets/library/lightslider/js/lightslider.min.js?ver=1.1.4 HTTP/1.1
Host: www.irvineeldercare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Cookie: PHPSESSID=re0f5bshpv1pv987bjg82420s2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:19:48 GMT
server: Apache/2
last-modified: Sat, 30 Jul 2022 08:35:23 GMT
etag: "3e97-5e501a5d493ef-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4945
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Signika+Negative%3A300%2C400%2C600%2C700%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=1.1.4
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Signika+Negative%3A300%2C400%2C600%2C700%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=1.1.4
IP 142.250.74.10:0
GET /css?family=Signika+Negative%3A300%2C400%2C600%2C700%7COpen+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&ver=1.1.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.irvineeldercare.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 20:19:48 GMT
date: Sun, 25 Sep 2022 20:19:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2