cedargbltd.co.uk/
92.205.3.88301 Moved Permanently 0 B IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 17:22:18 GMT
Server: Apache
X-Powered-By: PHP/7.4.32
X-Pingback: http://www.cedargbltd.co.uk/xmlrpc.php
Expires: Sun, 06 Nov 2022 18:22:18 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://cedargbltd.co.uk/
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5786
Expires: Sun, 06 Nov 2022 18:58:44 GMT
Date: Sun, 06 Nov 2022 17:22:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3004
Cache-Control: max-age=151129
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:18 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:21:07 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5496
Cache-Control: max-age=153621
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:18 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 12:02:39 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17740
Expires: Sun, 06 Nov 2022 22:17:58 GMT
Date: Sun, 06 Nov 2022 17:22:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4sqmqM16HjBhL2UZbJ2u1i5jrFedY0ZTtVGbLthHigaFfSrt0H768t6JWWXBiF5U9DgFHW+sE6A=
x-amz-request-id: KG6B0X7VNKT8KA5C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 16:47:42 GMT
age: 2076
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 17:22:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cedargbltd.co.uk/
92.205.3.88301 Moved Permanently 1 B IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.32
x-pingback: https://www.cedargbltd.co.uk/xmlrpc.php
expires: Sun, 06 Nov 2022 18:22:18 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://www.cedargbltd.co.uk/
vary: Accept-Encoding
content-encoding: br
referrer-policy: no-referrer-when-downgrade
content-length: 1
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 17:22:18 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/
92.205.3.88200 OK 10 kB IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5759), with CRLF, CR, LF line terminators
Hash adb8b480fdb1c886757f0a3d77fe0b37
62962715a26a50d001c6d481262fc331d9708f56
816df4648f666b93e4329df7173a64bbad9666433ca2cbe8c5c0b132c822b9f1
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
x-pingback: https://www.cedargbltd.co.uk/xmlrpc.php
link: <https://www.cedargbltd.co.uk/wp-json/>; rel="https://api.w.org/", <https://www.cedargbltd.co.uk/>; rel=shortlink
vary: Accept-Encoding
content-encoding: br
referrer-policy: no-referrer-when-downgrade
content-length: 10097
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
92.205.3.88200 OK 4.3 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (25245), with no line terminators
Hash e1588512ae6f5668db3d5291417217d2
c4011f6726f18a8881868e86f64133174bd5e0d9
6d1600a649c74bd6b312a5651585856250a0fe17282ee9c2ece5de16265e4cc0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "629d-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4268
content-type: text/css
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/plugins/vc-simple-all-responsive/assets/media.css?ver=5.1.15
92.205.3.88200 OK 500 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/plugins/vc-simple-all-responsive/assets/media.css?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash d12a4d5a4f3996478b63e9c50f8164b0
e54094a259fa6906be35a6384b15974b025755d7
1f419a174b9a2f1514776a30086386374ca501e8d966d39e771a7151e6157c1b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/vc-simple-all-responsive/assets/media.css?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:14:44 GMT
etag: "d61-58500c7e94100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 500
content-type: text/css
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
92.205.3.88200 OK 651 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash f026e73e8b072cc3ae1491702b9c491a
5cf262adbd7a8a0d067230081688c0f8fe6c36f8
c2340e9fff602440a6a9daadf0e90fc5eb265bd6fbd495d77d7891a303575b29
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Apr 2019 13:13:08 GMT
etag: "695-585c83f72e100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 651
content-type: text/css
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.11.4
92.205.3.88200 OK 7.4 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.11.4
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (28290)
Hash 18026b00695d63b11d1b60de4d5b5271
b914932f0c059911b37dd30bf64f44f7a007bcaf
3251f919ffeb27cfa77bb8c7ca01a8424a9348b917c4681855707b070379d9de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/jquery-ui/themes/smoothness/jquery-ui.min.css?ver=1.11.4 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Apr 2019 13:13:08 GMT
etag: "7545-585c83f72e100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 7376
content-type: text/css
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cedargbltd.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
92.205.3.88200 OK 4.0 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 12:48:39 GMT
etag: "2748-584febd79f7c0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4014
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/plugins/bold-page-builder/script_fe.js?ver=1
92.205.3.88200 OK 564 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/plugins/bold-page-builder/script_fe.js?ver=1
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 1c96e3d4820196a1dc0c4a8c34cee94f
2dd7b775f58b1d929c478902ba3b8e7565df727a
d842eb035b7690a78e68dd9455b09de5084d17b6dcf8dd8719453f61fa1501f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/script_fe.js?ver=1 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Apr 2019 15:57:52 GMT
etag: "5eb-58693b6fe8000-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 564
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/plugins/medicare/bt_elements.js?ver=5.1.15
92.205.3.88200 OK 2.3 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/plugins/medicare/bt_elements.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 54dad87e5d51b6f9b21269465fe57d5d
3275336a00456f397112e130a014be949c3fedb4
eb6332c59e6e845a0c8913f0b329da20e14f3147b65f9f8a41b61468e9fe1ddb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/medicare/bt_elements.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 16:36:49 GMT
etag: "2460-58501ed76ca40-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 2334
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash b8988c44d656e4521aa7d84091f926d3
debd55429e2a0f0bcd257201f2efe00d2e7ed35f
e04704fa687f5daa90436f47c59fabadc7779f604a68cef3baf6b97a0bc5e92b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?key=AIzaSyAg2jwkeMTmEtJdhVrAavW1wweTtvSj8h8&ver=5.1.15
142.250.74.42200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyAg2jwkeMTmEtJdhVrAavW1wweTtvSj8h8&ver=5.1.15
IP 142.250.74.42:0
File type ASCII text, with very long lines (2456)
Hash b12e808f17776fc9bd28beb40f5971eb
9d26f453414afcdfb3e790bf11c91b4a2c68a77c
ca49f480edadd7994d28fd1e4377fa0a612d558d73d40f08689d98d167ffcf80
GET /maps/api/js?key=AIzaSyAg2jwkeMTmEtJdhVrAavW1wweTtvSj8h8&ver=5.1.15 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cedargbltd.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Sun, 06 Nov 2022 17:22:19 GMT
expires: Sun, 06 Nov 2022 17:52:19 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53390
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2354
Cache-Control: max-age=145426
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:19 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 09:46:05 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.cedargbltd.co.uk/wp-includes/js/comment-reply.min.js?ver=5.1.15
92.205.3.88200 OK 1.0 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/comment-reply.min.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (2160), with no line terminators
Hash f393330905d21de1c465e5e59ea89dd6
344dc6d285ed039eb73ec4d8d6e766ae7a2b9c75
c5c95b0bff967815549fbb0e6ee02ac12c500440603cb4858451804a32435ddc
GET /wp-includes/js/comment-reply.min.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "870-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1044
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfb890b0743cd175d499cc5982ffd4e7
58d813a09ea8b72352934db9179d490c4242befb
2d15c0279a7fcc1ca3649f64c6706986c33a317054636dc2b5bdee4d657aecf4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D15C0279A7FCC1CA3649F64C6706986C33A317054636DC2B5BDEE4D657AECF4"
Last-Modified: Sun, 06 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21522
Expires: Sun, 06 Nov 2022 23:21:01 GMT
Date: Sun, 06 Nov 2022 17:22:19 GMT
Connection: keep-alive
www.cedargbltd.co.uk/wp-includes/js/wp-embed.min.js?ver=5.1.15
92.205.3.88200 OK 739 B URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/wp-embed.min.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "56f-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 739
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
92.205.3.88200 OK 1.8 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (3704)
Hash d09c67b2d33eb50a84d339a7cde02035
1e7241c64151c8e7d557d0a8189642687b508c57
45fbf1bba773b7c5d7135f4f8ab057178d281e002ddab66d7d594edc3619ac13
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "f59-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1813
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/fancySelect.js?ver=5.1.15
92.205.3.88200 OK 1.7 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/fancySelect.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash 6907e6260d134b14ca7e8c75b10a9680
a12efb678c0ee4e2e41453a0d26fc90c061109a8
b1efdbbf5d9b99ba4b581440b48cab76285bc283d7405ede423158effa142ffe
GET /wp-content/themes/medicare/js/fancySelect.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "1aec-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1716
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/viewport-units-buggyfill.hacks.js?ver=5.1.15
92.205.3.88200 OK 1.4 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/viewport-units-buggyfill.hacks.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash ba0fe61a293ee224d5c10f182511fee4
853d687487862e9a677cd42a1434a1e4aa721284
58918ef64f821c3d74ff6b93aaeb4858656b5459fefb3d0e96a66e29f0785fcb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/viewport-units-buggyfill.hacks.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "d71-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1373
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/sliders.js?ver=5.1.15
92.205.3.88200 OK 1.7 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/sliders.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash 46546275d8c2619faf49a12143faae38
cf5098446097e3ba6eb95ad6415d3cb12dc204e4
5ed93098435606f46fa5387b90fe1e85429ead89e9f926dd6126b3f42388523e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/sliders.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "1cee-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1686
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
92.205.3.88200 OK 4.0 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash 179ff7e7ba061cb009f29849fc15f071
f824ebc474c27b208137b68aa51d5d0d2b3a89e9
b889c73e9da05e33847d3ab6f1f98c172204c3e4cb2e4832863695f34e2270de
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Apr 2019 13:13:08 GMT
etag: "3868-585c83f72e100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 3993
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/header.misc.js?ver=5.1.15
92.205.3.88200 OK 2.9 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/header.misc.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash f745bd0ecc6c41a73c725422beabe2e0
a50b58cea321e0e16a8250e92fe9abae4a757e86
fbc423f0e292c1f0f9b5edd458c8cf6132a31c17bae1492b600d053095742c9c
GET /wp-content/themes/medicare/js/header.misc.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "2d5b-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 2899
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/plugins/medicare/bt_gmap.js?ver=5.1.15
92.205.3.88200 OK 618 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/plugins/medicare/bt_gmap.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with CRLF line terminators
Hash d0979f2587c938f0ea9146c797f2c3a8
5eefd9c7023ac7f35665ef920c728e4a475159dc
1514c9b1f56c543841fe045481a76f012d0bbe9c3e210155e6642ac79d868814
GET /wp-content/plugins/medicare/bt_gmap.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 16:36:49 GMT
etag: "662-58501ed76ca40-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 618
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/dir.hover.js?ver=5.1.15
92.205.3.88200 OK 1.0 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/dir.hover.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash 70c55cf222765e30dca5d2d8a0ac3f5e
fbdfa99b2e7eedd754cf9f43747a5f78cec9d9f8
1660f7778203829c50581e49acd72dcf6c3005291a7455c8651cbbba1f04bad1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/dir.hover.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "17ba-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1010
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
adsnet.work/scripts/placer.js
193.3.19.36200 OK 377 B URL HTTP/1.1 adsnet.work/scripts/placer.js
IP 193.3.19.36:0
ASN #50340 OOO Network of data-centers Selectel
Hash 4435b6168b6acda2edea1c16ab2d857a
eff2c42517e44a568b5011125b5cba022f27f67f
dcd5ff0b5118befd94a04b7bbc750b5a7b473e39fefd81e235f79bd848916569
Analyzer Verdict Alert fortinet Malware
GET /scripts/placer.js HTTP/1.1
Host: adsnet.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cedargbltd.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 17:22:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.cedargbltd.co.uk/wp-content/themes/medicare/js/misc.js?ver=5.1.15
92.205.3.88200 OK 4.1 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/misc.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash 2f40212a96d3a28eb4841305042f5f1f
664a7f3229bf6bf2001793c642fb7ce799e25d69
7b16eea49f1326faf61165c6fd1a0eef7f9ec7fa9ae284692dd3bfc51eb006bd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/misc.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "35c1-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4066
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4
92.205.3.88200 OK 2.3 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (6839)
Hash 733c08a4e34278cce6ca01f7dfe816b2
645291602ac0c9b08920421e2ddc711a66d59aeb
b2d52d32bf343e462f8b703f40c54909d4fe2461d1faacf4a6772d09c88754c5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/spinner.min.js?ver=1.11.4 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "1b92-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 2311
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
92.205.3.88200 OK 2.5 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (6603)
Hash ec6dcd00af82068551b3a60045c86824
140ac89dc8ae6ffebecb269e0ebd88bfbc0c2686
1a9a7a2329ce40bd74814e4f6acaddce722e9b53187fb109f39e793ffe50c46e
GET /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "1aab-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 2543
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
92.205.3.88200 OK 2.1 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/jquery/ui/button.min.js?ver=1.11.4
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (6998)
Hash ae886c64472609bb4df403a24941a0e0
b60a1dcce36584f49891d9a4b5a8bac3baa7a237
cac4d6e650f539b4c991eaecf2a1c9e2c376ce7615fd34f88a5e5f5f6fe51f6c
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.11.4 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "1c2f-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 2075
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/modernizr.custom.js?ver=5.1.15
92.205.3.88200 OK 5.9 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/modernizr.custom.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type HTML document, ASCII text, with very long lines (14586), with no line terminators
Hash 947e47ea697b291e14abde9c252204ae
50e720d9c67229ffa831e6bd3981368295e9feb3
ea2370942456a2eea18efe2fa97cd3454839217705fad03564e94c2f888343df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/modernizr.custom.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "38fa-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 5938
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
92.205.3.88200 OK 4.4 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (9071)
Hash 3ae272b8c845c687dadb91d2b11806c5
45c0db9e54119706830ebf49e5e7a06e23ff7862
9dbd99f635de9fbd3f232da64b932832644a7eeedc795dc914d68a6850c5081c
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "2eaf-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4353
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/jquery.magnific-popup.min.js?ver=5.1.15
92.205.3.88200 OK 7.7 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/jquery.magnific-popup.min.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (21014)
Hash 65c47d1ebb4407f2de1e06c1c5a78611
09550b46c5c3687fcc661a781188ca325c6e37f6
ef98dc596358a97005d604dd239f2e2aa94f7869b35ba1d29c7eb3aca775319b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/jquery.magnific-popup.min.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "5297-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 7687
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/viewport-units-buggyfill.js?ver=5.1.15
92.205.3.88200 OK 4.6 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/viewport-units-buggyfill.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash 6c48401361d6f046c5f07c3486f1f87b
b615ca6e53fa311a7e4f63a7c79f6d8bf198d0ba
2a6ebca354de8b19b97fe9a8d858f9710332c8379ff5343c8bcde94feb293f35
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/viewport-units-buggyfill.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "349a-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 4595
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/css/magnific-popup.css?ver=5.1.15
92.205.3.88404 Not Found 5.2 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/css/magnific-popup.css?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3180), with CRLF, LF line terminators
Hash 2a71ec3eac5739a9bae36ee05457363e
85ea9351708efee1b042e9e019fd6afd639b2f08
e13c0aa9d27a0218b8fe5d73adcf5fc338abd3d428ccadca754d1d9c5a7d73cb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/css/magnific-popup.css?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.cedargbltd.co.uk/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: br
referrer-policy: no-referrer-when-downgrade
content-length: 5183
content-type: text/html; charset=UTF-8
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
92.205.3.88200 OK 11 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (35947)
Hash b52eef38de5225e78120f6416095ddec
96b277fbf0e901b82e2e2fc934d47e879f79fe7a
3a715214b6d47381087e2d01fcb53ff91fd0a03360751b41becd3ef176cdbe3a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 12:40:04 GMT
etag: "8d4c-5c002299a5100-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 10782
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/slick.min.js?ver=5.1.15
92.205.3.88200 OK 9.7 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/slick.min.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (32012)
Hash d0e22ae3f1b75e95a37e328be65a37e1
682dcb46b6f3235bfd52a9aa79ac43b242796b44
83711381bf54fa5d90517a15778defa6eb1f09d6dfb400c7dcb15bddad1912f1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/slick.min.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "9e0d-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 9736
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/iscroll.js?ver=5.1.15
92.205.3.88200 OK 11 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/iscroll.js?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash 7a5b4a3a7cf593e2dc57c73fb02373c6
baedced64632945a26aecd91e8f0163ddfbf65a6
fdd341076ed00c66ddc45f6d35ae2976d7ea7a126d07ae3d23b18923ef5fbb8a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/iscroll.js?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "c3a6-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 11109
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-includes/js/jquery/jquery.js?ver=1.12.4
92.205.3.88200 OK 34 kB URL HTTP/2 www.cedargbltd.co.uk/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (31997)
Hash acf54950dfb2d6981e941d733b377591
340de686aecd9e6246a32c71e7de63ed69229ceb
d97f66caea5260bc71609f0da43ac0d937ecc09253910e5dda4c9fe4dbde20fc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 05 Sep 2019 12:39:07 GMT
etag: "17a69-591cd9b8410c0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 33776
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SB7wBI7gJiF20GehAD1Y4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aygZ5ugPbD25trjCuoQm8knihsA=
www.cedargbltd.co.uk/wp-content/uploads/2015/12/signature.png
92.205.3.88200 OK 88 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2015/12/signature.png
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type HTML document, ASCII text, with no line terminators
Hash 9a1e2166191146a66feae2c09d01686c
02ec95b46a491385f3c7cb9bb65096ba7fd3e728
510eb260c3260693632181009c6474585c0baee61320927a50d1681b51730298
GET /wp-content/uploads/2015/12/signature.png HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 16:38:32 GMT
etag: "58-58501f39a7200"
accept-ranges: bytes
content-length: 88
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/04/twomen.jpg
92.205.3.88200 OK 6.9 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/twomen.jpg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 266x177, components 3\012- data
Hash c6740c3215f04c300cf99988dd801833
503d05447e9d96f02892d694a27fa3d63f82d704
1d6764e3cb43d1b6b4c8a0ee23c4ca45e81745810284ba95bf0f6139b54bb1be
GET /wp-content/uploads/2019/04/twomen.jpg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Apr 2019 15:54:09 GMT
etag: "1acc-58693a9b3ca40"
accept-ranges: bytes
content-length: 6860
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/04/femalworker.jpg
92.205.3.88200 OK 9.0 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/femalworker.jpg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 266x177, components 3\012- data
Hash f6117f287b0099d5556f9f31198abfa0
db5c1fad0cf6e4458d5e8a077d777a2cd7b992f1
dfa9b03137010eafd5a23ca9c80ea93dd0dba79a4e392b4c4d21c731d4eb4349
GET /wp-content/uploads/2019/04/femalworker.jpg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Apr 2019 15:53:43 GMT
etag: "2333-58693a8270fc0"
accept-ranges: bytes
content-length: 9011
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/04/giving-tour.jpg
92.205.3.88200 OK 12 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/giving-tour.jpg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 266x177, components 3\012- data
Hash b13cd6f01656efa8493b7e90f5d3e8bf
a27452d4259df1d87b269197f2a8a095b5600f4b
9bc35c319182e6c60f635b8198226d76542637f802a6c2cf1eb59104edcd824e
GET /wp-content/uploads/2019/04/giving-tour.jpg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Apr 2019 15:53:56 GMT
etag: "2e87-58693a8ed6d00"
accept-ranges: bytes
content-length: 11911
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/04/Alistair.jpg
92.205.3.88200 OK 19 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/Alistair.jpg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 455x431, components 3\012- data
Hash 222d1201dc1730572b63837a404a8722
3d1946e3b9850a3197e3106d85c97ec3d3a7fac5
79423e1bceb902b18e01aff722efe7cc7c59930262efcdf97004f0f52c116181
GET /wp-content/uploads/2019/04/Alistair.jpg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Apr 2019 15:37:42 GMT
etag: "4a03-586936edf5d80"
accept-ranges: bytes
content-length: 18947
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cedargbltd.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 261721
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 17:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cedargbltd.co.uk/wp-content/themes/medicare/print.css?ver=5.1.15
92.205.3.88200 OK 827 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/print.css?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Hash d24235438504f10d3d11eef22226be6d
9ca6c9210bfaf739bc3cf1055986f5baffae11c4
77ccef7f71c5f610ee0c69236a166af9ffa3007f67a9a6de129cd6afab16dfe5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/print.css?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "dfc-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 827
content-type: text/css
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/03/cedar-logo-white.png
92.205.3.88200 OK 67 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/03/cedar-logo-white.png
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type PNG image data, 218 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash c378735d06aaaca1d568a9d8b2137cf2
720d19207fb5c2a44114bc6ea92e9c792d876e6c
da74656e281af975983efa645dfff596981293812715da65621afe21e0c6cede
GET /wp-content/uploads/2019/03/cedar-logo-white.png HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Mar 2019 15:27:49 GMT
etag: "1050d-58515148ac740"
accept-ranges: bytes
content-length: 66829
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/03/cedar-logo.png
92.205.3.88200 OK 85 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/03/cedar-logo.png
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type PNG image data, 218 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash 37f740e24c1e803cc5d16f38e26600ee
78cde0df92890a8f0403e556faa199c55a952cf3
5c33c23b790e357ec12a4e73ec7afdf1f47a5fcfb3270abf9c02682ca6c6a363
GET /wp-content/uploads/2019/03/cedar-logo.png HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 13:52:49 GMT
etag: "14aab-584ffa2f44e40"
accept-ranges: bytes
content-length: 84651
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourceserifpro/v15/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/sourceserifpro/v15/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19980, version 1.0\012- data
Hash 98704f42d118d52a4979dc08df276440
0066115b1dfedfe4cb6294fbdc73f921e6062ab9
547a2c05a1b8744633148a704ddba5adac238c5cbaf05bbd25606827a372b019
GET /s/sourceserifpro/v15/neIQzD-0qpwxpaWvjeD0X88SAOeauXQ-oA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cedargbltd.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:39:27 GMT
expires: Thu, 02 Nov 2023 19:39:27 GMT
cache-control: public, max-age=31536000
age: 337373
last-modified: Wed, 27 Apr 2022 15:45:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/04/health-check-image.jpg
92.205.3.88200 OK 44 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/health-check-image.jpg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1411x744, components 3\012- data
Hash 1de26c6dae97669cb3f8a7685360f8eb
fab0e7ad05392b65fbc5a210169f9264ba1c63af
b3e04b0e21ed8f1cf85117b8e752fd504cc9198e164331b58f959b0e3341888b
GET /wp-content/uploads/2019/04/health-check-image.jpg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Apr 2019 15:42:42 GMT
etag: "ab78-5869380c10080"
accept-ranges: bytes
content-length: 43896
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2015/12/bg-doktorka.jpg
92.205.3.88200 OK 88 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2015/12/bg-doktorka.jpg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type HTML document, ASCII text, with no line terminators
Hash 9a1e2166191146a66feae2c09d01686c
02ec95b46a491385f3c7cb9bb65096ba7fd3e728
510eb260c3260693632181009c6474585c0baee61320927a50d1681b51730298
GET /wp-content/uploads/2015/12/bg-doktorka.jpg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 16:38:26 GMT
etag: "58-58501f33ee480"
accept-ranges: bytes
content-length: 88
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/fonts/Pe-icon-7-stroke.woff?d7yf1v
92.205.3.88200 OK 59 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/fonts/Pe-icon-7-stroke.woff?d7yf1v
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type Web Open Font Format, TrueType, length 58556, version 1.0\012- data
Hash b38ef310874bdd008ac14ef3db939032
7e544bb11b7655998db6f324c612f7ffbf0ab66e
6fb4217048f333e23e0fd0ba2ab05e05fd7500f86a5a80a7cf04a2f94b257bec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/fonts/Pe-icon-7-stroke.woff?d7yf1v HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.cedargbltd.co.uk/wp-content/themes/medicare/style.css?ver=5.1.15
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "e4bc-5850137f7c700"
accept-ranges: bytes
content-length: 58556
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
content-type: application/font-woff
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/js/enquire.min.js
92.205.3.88200 OK 1.0 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/js/enquire.min.js
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (2045), with CRLF line terminators
Hash 5cb4de312551850e17b55963f4925348
2781b8a8e03d74ad9ed4dc3dd3c1fb665e02a189
7664f56ebe0d1d7cf076513d705273d672b41c3214cca673f5be8659240d8655
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/js/enquire.min.js HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:04 GMT
etag: "8d4-5850137f7c700-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-length: 1011
content-type: application/x-javascript
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/fonts/btmedical.ttf?uxxznt
92.205.3.88200 OK 73 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/fonts/btmedical.ttf?uxxznt
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, btmedical \012- data
Hash fe44929544036412792c725b89e4025a
51944c9236bd852624fa74a95e124a6271cceab3
de9355b4e5d61503f78e606a187406be65e7601f0e90b2a4c9bc1e8a35f195ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/fonts/btmedical.ttf?uxxznt HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/wp-content/themes/medicare/style.css?ver=5.1.15
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "1e898-5850137f7c700-br"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
vary: Accept-Encoding
content-encoding: br
referrer-policy: no-referrer-when-downgrade
content-length: 73168
content-type: application/x-font-ttf
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/fonts/fontawesome-webfont.woff2?v=4.5.0
92.205.3.88200 OK 77 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.cedargbltd.co.uk/wp-content/themes/medicare/style.css?ver=5.1.15
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "12d68-5850137f7c700"
accept-ranges: bytes
content-length: 77160
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
vary: Accept-Encoding
referrer-policy: no-referrer-when-downgrade
content-type: application/font-woff2
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/04/health-check-image-320x169.jpg
92.205.3.88200 OK 8.5 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/health-check-image-320x169.jpg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 320x169, components 3\012- data
Hash 815af2fe4ce14de0adc242b437d4fb75
96dd8f862ab14881f5e1c4b5e2c8ae179ab13624
3b42429244ad57fc8afba246051af4fff05b9cc64d4536e57f15abf6bd530208
GET /wp-content/uploads/2019/04/health-check-image-320x169.jpg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Apr 2019 15:42:42 GMT
etag: "2145-5869380c10080"
accept-ranges: bytes
content-length: 8517
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/04/Asian-engineer-with-hardhat-using-tablet-pc-computer-inspecting-and-working-at-construction-site-886026522_1413x745-320x169.jpeg
92.205.3.88200 OK 20 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/Asian-engineer-with-hardhat-using-tablet-pc-computer-inspecting-and-working-at-construction-site-886026522_1413x745-320x169.jpeg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=13, height=2160, bps=170, PhotometricIntepretation=RGB, description=Asian engineer with hardhat using tablet pc computer inspecting and working at construction site, orientation=upper-left, width=4096], baseline, precision 8, 320x169, components 3\012- data
Hash 610bfea3cb309dae7f9384e1d566c9f0
df45e569dab4d364b2e59121a80eb4d43fdac662
d3431e96002864c00678289eca9fd92c77c3106f6c64c7dd1ab2f680d0645745
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2019/04/Asian-engineer-with-hardhat-using-tablet-pc-computer-inspecting-and-working-at-construction-site-886026522_1413x745-320x169.jpeg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Apr 2019 13:51:57 GMT
etag: "502d-585a08e95d940"
accept-ranges: bytes
content-length: 20525
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ef724462e8781bbd27f0b2af154d0b
367adff260dc35adf50b3ebc3eace599272b61a3
6c090637e5d2130c067e08a7d60a6cf9e0fe1d8b1c33a743bd662cc7e70cd1ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C090637E5D2130C067E08A7D60A6CF9E0FE1D8B1C33A743BD662CC7E70CD1ED"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3642
Expires: Sun, 06 Nov 2022 18:23:02 GMT
Date: Sun, 06 Nov 2022 17:22:20 GMT
Connection: keep-alive
www.cedargbltd.co.uk/wp-content/uploads/2015/11/icon-green.png
92.205.3.88200 OK 88 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2015/11/icon-green.png
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type HTML document, ASCII text, with no line terminators
Hash 9a1e2166191146a66feae2c09d01686c
02ec95b46a491385f3c7cb9bb65096ba7fd3e728
510eb260c3260693632181009c6474585c0baee61320927a50d1681b51730298
GET /wp-content/uploads/2015/11/icon-green.png HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 16:38:00 GMT
etag: "58-58501f1b22a00"
accept-ranges: bytes
content-length: 88
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
hydrahydra.kim/fetch.php?tracker=adsnet.work&site=aHR0cHM6Ly93d3cuY2VkYXJnYmx0ZC5jby51ay8=
193.3.19.36200 OK 0 B URL HTTP/1.1 hydrahydra.kim/fetch.php?tracker=adsnet.work&site=aHR0cHM6Ly93d3cuY2VkYXJnYmx0ZC5jby51ay8=
IP 193.3.19.36:0
ASN #50340 OOO Network of data-centers Selectel
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fetch.php?tracker=adsnet.work&site=aHR0cHM6Ly93d3cuY2VkYXJnYmx0ZC5jby51ay8= HTTP/1.1
Host: hydrahydra.kim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cedargbltd.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 17:22:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.cedargbltd.co.uk/wp-content/uploads/2019/04/Asian-engineer-with-hardhat-using-tablet-pc-computer-inspecting-and-working-at-construction-site-886026522_1413x745.jpeg
92.205.3.88200 OK 422 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/04/Asian-engineer-with-hardhat-using-tablet-pc-computer-inspecting-and-working-at-construction-site-886026522_1413x745.jpeg
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=13, height=2160, bps=170, PhotometricIntepretation=RGB, description=Asian engineer with hardhat using tablet pc computer inspecting and working at construction site, orientation=upper-left, width=4096], baseline, precision 8, 1411x744, components 3\012- data
Size 422 kB (421668 bytes)
Hash 2af88ca0e70d9ded1d93c7c590ce9878
06b6a2ddba951ac559d467a87c8b87916c349ac2
942272b376fa1551860128372321399a6a9147a613b78016e84d28b3a3cbebfe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2019/04/Asian-engineer-with-hardhat-using-tablet-pc-computer-inspecting-and-working-at-construction-site-886026522_1413x745.jpeg HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Apr 2019 13:51:57 GMT
etag: "66f24-585a08e95d940"
accept-ranges: bytes
content-length: 421668
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/jpeg
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/transparent.png
142.250.74.163200 OK 68 B URL HTTP/2 maps.gstatic.com/mapfiles/transparent.png
IP 142.250.74.163:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 8327a6037ae00a5be9f75e63ee1b9fbe
a812c79b0d125e4946b33446eae0353f518627e2
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cedargbltd.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Sun, 06 Nov 2022 17:22:20 GMT
expires: Sun, 06 Nov 2022 17:22:20 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.163200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.163:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cedargbltd.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Sun, 06 Nov 2022 17:22:20 GMT
expires: Sun, 06 Nov 2022 17:22:20 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/03/cropped-cedar-logo-192x192.png
92.205.3.88200 OK 29 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/03/cropped-cedar-logo-192x192.png
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7bcb6a56ec432157f52e41c3fe42167b
830e7714dd908d173693391907b28e986d3c9880
84909ff48b2377022e0a4656f48c8a9a0dbf8dc1e2121b311ea8f39bd67229ee
GET /wp-content/uploads/2019/03/cropped-cedar-logo-192x192.png HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 13:59:45 GMT
etag: "7243-584ffbbbff640"
accept-ranges: bytes
content-length: 29251
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/uploads/2019/03/cropped-cedar-logo-32x32.png
92.205.3.88200 OK 2.4 kB URL HTTP/2 www.cedargbltd.co.uk/wp-content/uploads/2019/03/cropped-cedar-logo-32x32.png
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 836e5d5c42c2b1f0c9dde35b78aea498
cb12fbf1500c68171f64573237e94f4efb11a879
4e0e5b736f57ae33872cfc601823c153f9b866a91b05c48b25af5cba2915c862
GET /wp-content/uploads/2019/03/cropped-cedar-logo-32x32.png HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 13:59:45 GMT
etag: "955-584ffbbbff640"
accept-ranges: bytes
content-length: 2389
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:20 GMT
referrer-policy: no-referrer-when-downgrade
content-type: image/png
date: Sun, 06 Nov 2022 17:22:20 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18261
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 17:22:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18261
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 17:22:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18261
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 17:22:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18261
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 17:22:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18261
Expires: Sun, 06 Nov 2022 22:26:41 GMT
Date: Sun, 06 Nov 2022 17:22:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3929fb3c2f0dad9409e9b247ab891518
b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28
64822bf90b140698a0043ea76542823a55daf3bb6ad1b6b3ba972c7fbb256bb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee1982-fead-41ba-9720-19ae491d0af1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8309
x-amzn-requestid: 377e4474-c2ee-4477-be4b-18d264ca9aa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJbgwH23IAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d937-7692bcd1131d9749085800b0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JK-yLq7PeMFrcv4opjTjHprEUQ8IIBuHPzhz0ttxQx9GYdBY1EauBA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:07 GMT
age: 68713
etag: "b8f906e9e3c3addf73e2d387c7238dc1ffe0bb28"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 70667
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 68982
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 42638
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 70411
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 39262
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
IP 34.120.237.76:0
File type gzip compressed data, max compression\012- data
Hash 68bb65a4c1918ad892c3e226313ba526
1a214a386494a91f513aa500a567c0906a686257
7c91b44eb8bf4c6cdabfc191cd03da04cc8c4997919fcb452ff1d27957ee37e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9331
x-amzn-requestid: d67eca4f-66a8-4366-b2d8-fb424e77b438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJb3lHQmIAMFemg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d9c9-77519cf22b23b7e00a23cacc;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:46:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZiP3LoPE9a2aP16DN-jBzPfGPS_uW4M_qtJ3ilw26cxK6w6mWJOxPQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
etag: "349f301eab8e4cd3732e9b0fbd1675bbbe3e969b"
content-type: image/jpeg
age: 68989
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cedargbltd.co.uk/wp-content/themes/medicare/style.css?ver=5.1.15
92.205.3.88200 OK 0 B URL HTTP/2 www.cedargbltd.co.uk/wp-content/themes/medicare/style.css?ver=5.1.15
IP 92.205.3.88:0
ASN #21499 Host Europe GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/medicare/style.css?ver=5.1.15 HTTP/1.1
Host: www.cedargbltd.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cedargbltd.co.uk/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Mar 2019 15:46:03 GMT
etag: "9cccf-5850137e884c0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 06 Nov 2023 17:22:19 GMT
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-type: text/css
date: Sun, 06 Nov 2022 17:22:19 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Serif+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Serif+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Serif+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Serif+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
IP 142.250.74.10:0
GET /css?family=Montserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CMontserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Serif+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Serif+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cedargbltd.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 06 Nov 2022 17:22:19 GMT
date: Sun, 06 Nov 2022 17:22:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2