r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5048
Expires: Tue, 13 Dec 2022 14:17:12 GMT
Date: Tue, 13 Dec 2022 12:53:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 358212db02ecc7c1fa088906bd2dba14
091a0688da9de609d97349215ba9e452dfc346a4
7486e512e4de8172ac07f07f47da3a96dd3ac7cb054b335f3e4929261440e672
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7486E512E4DE8172AC07F07F47DA3A96DD3AC7CB054B335F3E4929261440E672"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12637
Expires: Tue, 13 Dec 2022 16:23:41 GMT
Date: Tue, 13 Dec 2022 12:53:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 12:33:45 GMT
content-type: application/json
age: 1159
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3759
Expires: Tue, 13 Dec 2022 13:55:43 GMT
Date: Tue, 13 Dec 2022 12:53:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GRuRH/QDqcGUFo/OaZSFuWvC1bxbhdG1HqhYEaqmMC+4R1BtlCw0DGaDW7/3QXpZrjpY2AMrpoY=
x-amz-request-id: PVZJQMQT6GDQHNWZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 12:50:03 GMT
age: 181
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 12:53:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
heartburnsymptoms.net/
200 OK 41 kB IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54620), with CRLF, LF line terminators
Hash 0e36182781f66a5ec195ff850bf31072
3d237cc02b49334a1a45e74a327f7c4e3b59d4b5
6726ef2b8eed041c15f6cca662233bd503d60b1f0e1cba933bf5fa5ab951bfb1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 12:53:07 GMT
Server: nginx/1.21.6
Content-Type: text/html
Last-Modified: Wed, 29 Sep 2021 07:06:31 GMT
Cache-Control: max-age=7200
Expires: Tue, 13 Dec 2022 13:30:25 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: HIT
Transfer-Encoding: chunked
www.google.com/recaptcha/api.js?ver=1
200 OK 552 B URL HTTP/1.1 www.google.com/recaptcha/api.js?ver=1
IP
File type ASCII text, with very long lines (849), with no line terminators
Hash b8cb7c397d6ec8b2dbc3329edabbcefd
2ec6f8b5b75667ad6b35e4aa53efdfa0305554b5
800dc22927ac8ebc92e0bdaa2eb676784dcec0c1fe660c43ae3967a30f09b760
GET /recaptcha/api.js?ver=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
HTTP/1.1 200 OK
Expires: Tue, 13 Dec 2022 12:53:05 GMT
Date: Tue, 13 Dec 2022 12:53:05 GMT
Cache-Control: private, max-age=300
Content-Type: text/javascript; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 552
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 12:33:17 GMT
age: 1188
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans%3A400%2C400italic%2C700%2C700italic%7CAntic+Slab%3A400%2C400italic%2C700%2C700italic&subset=latin&ver=5.8.1
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans%3A400%2C400italic%2C700%2C700italic%7CAntic+Slab%3A400%2C400italic%2C700%2C700italic&subset=latin&ver=5.8.1
IP
Hash 1014b475c48e29ccf094c0279009b251
2d549f3f9f7336e270c17eb99b2a7cc384225dd4
03db19d5f4965e3a86efd06f7cf04a1e6adb3b8923d46e7fe187729cdf1bd6d3
GET /css?family=PT+Sans%3A400%2C400italic%2C700%2C700italic%7CAntic+Slab%3A400%2C400italic%2C700%2C700italic&subset=latin&ver=5.8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 12:53:05 GMT
date: Tue, 13 Dec 2022 12:53:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 107b2792c6f2cda46b0414f6f0fb4371
543e27f31f3b10730c91b895b33578de8d623da7
a3ef05d0bdadcd8b0c980823a6cdfc4df318530c025e858f116a967505196d74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EF05D0BDADCD8B0C980823A6CDFC4DF318530C025E858F116A967505196D74"
Last-Modified: Sun, 11 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Dec 2022 18:53:05 GMT
Date: Tue, 13 Dec 2022 12:53:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 107b2792c6f2cda46b0414f6f0fb4371
543e27f31f3b10730c91b895b33578de8d623da7
a3ef05d0bdadcd8b0c980823a6cdfc4df318530c025e858f116a967505196d74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EF05D0BDADCD8B0C980823A6CDFC4DF318530C025E858F116A967505196D74"
Last-Modified: Sun, 11 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Dec 2022 18:53:05 GMT
Date: Tue, 13 Dec 2022 12:53:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 107b2792c6f2cda46b0414f6f0fb4371
543e27f31f3b10730c91b895b33578de8d623da7
a3ef05d0bdadcd8b0c980823a6cdfc4df318530c025e858f116a967505196d74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EF05D0BDADCD8B0C980823A6CDFC4DF318530C025E858F116A967505196D74"
Last-Modified: Sun, 11 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Dec 2022 18:53:05 GMT
Date: Tue, 13 Dec 2022 12:53:05 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5430
Cache-Control: max-age=164657
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:05 GMT
Etag: "639840ac-1d7"
Expires: Thu, 15 Dec 2022 10:37:22 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 107b2792c6f2cda46b0414f6f0fb4371
543e27f31f3b10730c91b895b33578de8d623da7
a3ef05d0bdadcd8b0c980823a6cdfc4df318530c025e858f116a967505196d74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EF05D0BDADCD8B0C980823A6CDFC4DF318530C025E858F116A967505196D74"
Last-Modified: Sun, 11 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Dec 2022 18:53:05 GMT
Date: Tue, 13 Dec 2022 12:53:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f11a874682bd336c3f933006000f7f44
01685cd6ab75209180129dfeff9246631f05aed7
94167416bd582ddda6e629a51d5a74e528b29f818b119b0c43b64470c44b787b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94167416BD582DDDA6E629A51D5A74E528B29F818B119B0C43B64470C44B787B"
Last-Modified: Tue, 13 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Dec 2022 18:53:05 GMT
Date: Tue, 13 Dec 2022 12:53:05 GMT
Connection: keep-alive
heartburnsymptoms.net/wp-content/plugins/xagio/assets/css/review-widget.css?ver=5.8.1
200 OK 2.0 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/xagio/assets/css/review-widget.css?ver=5.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash bbc9c2f81e15d6b6f76f3fc2bd250380
e82bff17e790ca9edd1719c875fecd77498a11a5
9f5da97d66b2926b577a5aee57f3f0e3903f6810128246755b81ee9426dad67a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/xagio/assets/css/review-widget.css?ver=5.8.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 15:25:34 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2007
content-type: text/css
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/xagio/assets/css/review-display.css?ver=5.8.1
200 OK 445 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/xagio/assets/css/review-display.css?ver=5.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 7a61397ab547f3d5334bcabe5a2e28bb
42652dcef7bdc81cca8b3bcd7b119464d39d2514
e7fca1cf5b5dece01d129ef092f19f4b4dc3a04e064e454b5607bedd1832f64f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/xagio/assets/css/review-display.css?ver=5.8.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 15:25:34 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 445
content-type: text/css
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
200 OK 3.2 kB URL HTTP/2 heartburnsymptoms.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11256), with no line terminators
Hash 1054d0d53548e8bae51665b11acc6413
2eea6a05fe18db61fff58c431d34a86b3e0b7ade
cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 30 Sep 2020 02:23:06 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3239
content-type: text/css
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K5nLAmRUUyJ+uXbqatdt2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: otAx9Co2tApqPm/H1mGWdsG3Sa4=
heartburnsymptoms.net/wp-content/themes/Avada/animations.css?ver=3.8.7
200 OK 2.7 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/animations.css?ver=3.8.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash b016d2410927e6a83d67a0585b4f834f
54df5c70387f6477512cd9ea57a7756f21408aba
1624c92984bd843da94dd64d0dc4480474c09372f2696c44089e49b8e76fd457
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/animations.css?ver=3.8.7 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2740
content-type: text/css
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/themes/Avada/ilightbox.css?ver=3.8.7
200 OK 12 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/ilightbox.css?ver=3.8.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4070986757e8a88f7410e6f14074f3aa
8e0bf0a44c7505e195796ff28d2fc118fca0b556
d4fafb53525917087f0985eea2de11c87e52785ab3ed63e2f94c63a194b201c5
GET /wp-content/themes/Avada/ilightbox.css?ver=3.8.7 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12295
content-type: text/css
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/themes/Avada/assets/fonts/fontawesome/font-awesome.css?ver=3.8.7
200 OK 6.1 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/assets/fonts/fontawesome/font-awesome.css?ver=3.8.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26495)
Hash e2a479cb596e7b3b3c0927cadc654ba6
8581182d494a391322b0baab491e63eeccbeb146
3d6915b967a6414a864909fcb7ca36939008236c82b03020864ff545ae51fb7b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/fonts/fontawesome/font-awesome.css?ver=3.8.7 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6078
content-type: text/css
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
409 Conflict 83 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 409 Conflict
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/xagio/assets/js/xag_user.js?ver=1
200 OK 292 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/xagio/assets/js/xag_user.js?ver=1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 268d0cb19f7a0060b1cfe40c56ec52d1
78506fed0c105878daec8a4572428fa7db482e0e
ea62c19a86e4846a8df0be3ab4a4f665ba73140d8005b9e4af9862838d695059
GET /wp-content/plugins/xagio/assets/js/xag_user.js?ver=1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 15:25:34 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 292
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/xagio/assets/js/footer_links.js?ver=1
200 OK 225 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/xagio/assets/js/footer_links.js?ver=1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash ffd42bc347e13c455a497d4dd0a61054
f67b6776cd82121c590aa5586e2860f9b027ab50
68ec668e8c503ab45efc100a91f0ec0ec72f81644d77a2c427ab27420d0093a2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/xagio/assets/js/footer_links.js?ver=1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 15:25:34 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 225
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/xagio/assets/js/review-widget.js?ver=1
200 OK 3.7 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/xagio/assets/js/review-widget.js?ver=1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (310)
Hash 51b0bd0b538c09631d9a4621efe10ebf
b8db793d1d5cfee9e916a382da29671938b5af31
5314b779ddd8930f6c5a9ddfec96498b5efd271880c62cb5ccc3d659940d3419
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/xagio/assets/js/review-widget.js?ver=1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Sep 2021 16:05:10 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3680
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/css/layerslider.css?ver=5.6.2
200 OK 4.0 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/css/layerslider.css?ver=5.6.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2f910db065a31f59f4310cebfd9d1c3e
b43ba621373edcbfcbb3401d894d3d62254dbbbd
48f6c9ac893f3ffe11b70262cb4f7a34d93d57ccc8b6b791b1a9ebe08c734bb6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/static/css/layerslider.css?ver=5.6.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:22:19 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3960
content-type: text/css
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
409 Conflict 83 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 409 Conflict
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.7.1
200 OK 792 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.7.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.7.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 01:36:41 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 792
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
200 OK 777 B URL HTTP/2 heartburnsymptoms.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 06ece4d01ee88297957c9f4cdcaa4df5
2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.8.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 07 Jan 2021 02:59:24 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 777
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.7.1
200 OK 1.0 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.7.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.7.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 01:36:41 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1000
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2
200 OK 1.7 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5305), with no line terminators
Hash 0332c949167f256eaeb32063c28950ae
55d38da2c11e1b193de19a9fa3a6a275a4accdfe
1c1dcbb08352422a98b8dd9632753b904e9040eea0a538dc2d169935e7fa5fb3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.7.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 01:36:41 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1723
content-type: text/css
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.6.2
200 OK 3.4 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.6.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20890)
Hash 34e1dde2e4596e176bdd461abd8c51d9
3c8472ee181bfa0d149d7efd732753af5555657e
1af1fd1b2dc3ebbdbeb7d4dde91405130a05e58449b316749f12128940add38b
GET /wp-content/plugins/LayerSlider/static/js/layerslider.transitions.js?ver=5.6.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:22:19 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3421
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
200 OK 15 kB URL HTTP/2 heartburnsymptoms.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 6ebc7a4d773cb1f29a93f605933fba76
b113ca39afc5fd44cbc06dca58945bb5e9fb771e
7a12133f8cb48c1b5b4631ee9e9a0eebe36bbf2bbe1eb792b0f9fc630c18bd76
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 01 Sep 2021 14:35:58 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14560
content-type: text/css
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
200 OK 2.6 kB URL HTTP/2 heartburnsymptoms.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6406), with no line terminators
Hash 340db4973d1ee14c5348599f661a3220
d4cf31e2af7774c276d7a883733a8392e232df49
85d0de0d6dbe1f487407829c52413d7e81c7c9ed28bc3ae9079c19303e91f678
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Jun 2021 10:36:14 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2635
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.1
200 OK 1.3 kB URL HTTP/2 heartburnsymptoms.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4186), with no line terminators
Hash 91bab39b98d7e5c1632717b9ebe349e4
e639a447d06fc7827be5b5b35d603ff16b5f7bb1
47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 08 Jun 2019 07:15:02 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1298
content-type: text/css
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/themes/Avada/assets/images/logo.png
200 OK 4.5 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/assets/images/logo.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 97 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f2abf6bce08735efa10141bbf0b9608
b1f267b04a018b6a962806ff9d1277dddead0203
8d66082b3de44dd1aed8c90748b99beb6119b08fe94b25abbc607badc8413d89
GET /wp-content/themes/Avada/assets/images/logo.png HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
content-length: 4462
cache-control: max-age=31536000
expires: Wed, 13 Dec 2023 12:53:06 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.7.1
200 OK 1.1 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.7.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash cd0d4a61ea66e2609f7fafca802e10c8
6c2f2a32371a7cb6c34cd0d7abd5ca653058b6e1
21a6739f80cd455c35620bf9869f312c4ff0b7e5d4b6d6cc8401bd5deba54c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.7.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 01:36:41 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1093
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.7.1
200 OK 1.2 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.7.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 57b5945094a547e06221f8f949e6d335
76fc7361f00684ea29ffbf4b7d46e5429b8c245a
f9d0da987075df31cc4cf8aed46bc193467ce7165568d83c8016e6fe904e72c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.7.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 01:36:41 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1200
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
200 OK 5.2 kB URL HTTP/2 heartburnsymptoms.net/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15224)
Hash 00af0ddf324f69fcb25f0d2e5d08910a
df0379ab0e1b2902957c8aba77f89d88e1239b59
f0a06ed3b8d3917b358def04d87668001cd1c6da31a5cb4bb452313feb64a2a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Jun 2021 08:45:12 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5243
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 6.9 kB URL HTTP/2 heartburnsymptoms.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 122fe79a1d53d10946cded540d2e219f
6271fdf889afe8a13d7c69efea9b40cbd0d81939
94cb1b0ca86f7f0bb7bcc81b42a06b6199bd37ff77ca88dccf3acc92683f3e24
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Jun 2021 09:48:12 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6935
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.7.1
200 OK 4.0 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.7.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9151)
Hash 338b374df64ac61f520f0dc2c42f84a4
7f5d52c9681f54bd3adbda325dffaac88b48839f
c411e1e640b16842b6142a6e4db4b7172abedc8740b0944fc7c510c7f8f85609
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.7.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 01:36:41 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3952
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
200 OK 421 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (685)
Hash 90efea45d35c561b6b0b67b490752bc0
8470a5551b194335f5981f2c2bb58c97e87c9f76
6a52ad26b5923176c352b96dc8f56d13ff7bc1a6141c1bec7386cd3c2701b6ba
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Sep 2021 01:10:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 421
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/2 heartburnsymptoms.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 20:36:06 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/themes/Avada/assets/css/woocommerce.css?ver=3.8.7
200 OK 14 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/assets/css/woocommerce.css?ver=3.8.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 6468c79a9f052d6e4e03a663d1a2b14d
ee50c56744fe31c53213070110d5aa7e357df0ea
3a83d2c1486e564d84faa9c5d6eaa8016dfe6613248f10f5420fd57ecba3b1c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/css/woocommerce.css?ver=3.8.7 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14072
content-type: text/css
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4174
Expires: Tue, 13 Dec 2022 14:02:41 GMT
Date: Tue, 13 Dec 2022 12:53:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://heartburnsymptoms.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 18:51:03 GMT
expires: Thu, 07 Dec 2023 18:51:03 GMT
cache-control: public, max-age=31536000
age: 496924
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eCJ1Y9f8WMsfMlaqxVR4kTx0Eacgeqn2TN-df-DPt9nQI9AIrqHkEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 00:46:29 GMT
age: 43598
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703d359edb819eaefc6ccae224bbde15
4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8
0452d24052bef979fd13f1a0fefb4c7803ff91c5afa3c871f85b73eb08f15489
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12144
x-amzn-requestid: 0d00ec22-808c-4f60-98b1-87eef4aad829
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6n0yFORIAMFskA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394201e-58f1a5c87fc341bf56fa9d68;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:58:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sW4dQXExyH6JvbdtSgIPJUiifHh-VfbfcG5hKMaJ4tZA3pO-fobF6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 20:36:31 GMT
age: 58596
etag: "4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iPEuoDVSO2rNh9Y9VA2sYsfqtiMYPHJx2IQdW2Yevo2eqsch2MesJg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 03:38:02 GMT
age: 33305
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/anticslab/v16/bWt97fPFfRzkCa9Jlp6IacVcXA.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/anticslab/v16/bWt97fPFfRzkCa9Jlp6IacVcXA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12136, version 1.0\012- data
Hash cae549261ca235f6a254f6eed560ba20
ee867ac8b467c51d0455ab3438e04fbee79c2d87
3c478d59cd9c14ded18169933a9703a61220b737631fa08035f626f45867c134
GET /s/anticslab/v16/bWt97fPFfRzkCa9Jlp6IacVcXA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://heartburnsymptoms.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 22:56:42 GMT
expires: Sat, 09 Dec 2023 22:56:42 GMT
cache-control: public, max-age=31536000
age: 309385
last-modified: Tue, 19 Apr 2022 18:27:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.8
200 OK 40 kB URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.8
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash c46b8601f88b168291f9b181e476d19e
78f001e5cedeb72f9b1ae53a1657b927c5a28172
24235e2ec23715a6a07160b7780efa5e0e5d41933a7528eeabca049fd370e9e6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/LayerSlider/static/js/greensock.js?ver=1.11.8 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:22:19 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc3da96-5b77-4fb2-bc43-14a2303cf2ab.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc3da96-5b77-4fb2-bc43-14a2303cf2ab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5aef8a4b47db2eff330ac8df5cb601
70b17a00792b42e3ed26d06b92461b2de090f1e5
2c5962564e4e04e58c583b2708e8d8a1c610843fc53a29cc66bf87e6706a57d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dc3da96-5b77-4fb2-bc43-14a2303cf2ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11578
x-amzn-requestid: 3ba66794-67ea-422f-b58b-b9654901c93c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENsFBWoAMF14Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-0fdc76563f14abfd005edaa3;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Xw4kjQs7I3e31bExMBbdJDIIIfXBwTFpDHWBU0Fa4ipYLvHafl__AQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:59:56 GMT
age: 53591
etag: "70b17a00792b42e3ed26d06b92461b2de090f1e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b226bd8dfeafe00183109d4f824e2be
3c2b64c94cc098a416b1d4865e31298fcd5d05c1
ccce0f89771d141076cbf3a1830eaa5d81b9c0376c3637e100bdb21b98ecd3b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: f9aa1f6f-91dc-48c1-819b-c7ac8fba37e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4BFPMIAMFacw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cff-6530a07c79f68a2a51e56a57;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bvIk4d1lHzT0RvVqHx0abvpFYHRYRFSvI0XDqPkUOZnXz6gk0All6g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:57:51 GMT
age: 53716
etag: "3c2b64c94cc098a416b1d4865e31298fcd5d05c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heartburnsymptoms.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
409 Conflict 83 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 409 Conflict
date: Tue, 13 Dec 2022 12:53:07 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=194697278&post=0&tz=0&srv=heartburnsymptoms.net&host=heartburnsymptoms.net&ref=&fcp=2716&rand=0.4477554004258061
200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=194697278&post=0&tz=0&srv=heartburnsymptoms.net&host=heartburnsymptoms.net&ref=&fcp=2716&rand=0.4477554004258061
IP
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.1&blog=194697278&post=0&tz=0&srv=heartburnsymptoms.net&host=heartburnsymptoms.net&ref=&fcp=2716&rand=0.4477554004258061 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 12:53:07 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
heartburnsymptoms.net/wp-content/themes/Avada/assets/images/page_title_bg.png
200 OK 50 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/assets/images/page_title_bg.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1400 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash 626bdf14ba987a175c0ace4510e9747c
7abdc3fe86410e599ac7d9a3732daddab83c23a0
6490da8fa414a3ee09c42b4b0557ee396bd60c3dd7654c9df31c50f35a3fa122
GET /wp-content/themes/Avada/assets/images/page_title_bg.png HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
content-length: 50495
cache-control: max-age=31536000
expires: Wed, 13 Dec 2023 12:53:07 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Tue, 13 Dec 2022 12:53:07 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/themes/Avada/assets/fonts/icomoon/icomoon.woff
200 OK 13 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/assets/fonts/icomoon/icomoon.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 13164, version 0.0\012- data
Hash 3beb3b137d0d1ad7e16da1895e67fb6d
b91d06f2c5cf978a669f14530a682b8af04632e9
119f7c4aa5c7bab088ef22d4c821cab901891439615ab9951634d9905f602076
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/fonts/icomoon/icomoon.woff HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://heartburnsymptoms.net
Connection: keep-alive
Referer: https://heartburnsymptoms.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
content-length: 13164
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:07 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff
date: Tue, 13 Dec 2022 12:53:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
IP
File type ASCII text, with very long lines (649)
Size 163 kB (163396 bytes)
Hash aa75370bb1ce2d5b05b0d02f6feecba4
f110915b53288da7b267c51210cfc239dc0b5591
cfb8dadaba93a5e0a08739ce589b55cc61fb93d0c616da564394ce925bef6197
GET /recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://heartburnsymptoms.net
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 10:31:33 GMT
expires: Wed, 13 Dec 2023 10:31:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
content-type: text/javascript
age: 8494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6668df18d0e067cb9d2cdb88facba6a9
8dca458501ed32e2b530d729817e0a12910145ec
8fa090fc36252b04f278f812a6b4f286dc672bbfb6db1402ac814f4f9723f5fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6668df18d0e067cb9d2cdb88facba6a9
8dca458501ed32e2b530d729817e0a12910145ec
8fa090fc36252b04f278f812a6b4f286dc672bbfb6db1402ac814f4f9723f5fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 12:53:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heartburnsymptoms.net/wp-content/themes/Avada/assets/fonts/icomoon/icomoon.ttf
200 OK 13 kB URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/assets/fonts/icomoon/icomoon.ttf
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 86a22feaf8f8692250fb7b6fcf47331f
a14e2b07ddde1667e31f87d7249972c563bb160e
0137d079f887ff4bba3bbf9d845a60184177070e0699b477a1f51a35412a012a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/fonts/icomoon/icomoon.ttf HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://heartburnsymptoms.net
Connection: keep-alive
Referer: https://heartburnsymptoms.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 12:53:07 GMT
server: Apache
content-type: font/ttf
content-length: 13088
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:07 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2
heartburnsymptoms.net/favicon.ico
500 Internal Server Error 0 B URL HTTP/1.1 heartburnsymptoms.net/favicon.ico
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
HTTP/1.1 500 Internal Server Error
Date: Tue, 13 Dec 2022 12:53:09 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Set-Cookie: PHPSESSID=2d6c721ec19097a2d6bb4481176e023f; path=/
Connection: close
heartburnsymptoms.net/?wc-ajax=get_refreshed_fragments
500 Internal Server Error 0 B URL HTTP/1.1 heartburnsymptoms.net/?wc-ajax=get_refreshed_fragments
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://heartburnsymptoms.net
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
HTTP/1.1 500 Internal Server Error
Date: Tue, 13 Dec 2022 12:53:07 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=2a48ce0948c9746feda4c536d912d0db; path=/
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
heartburnsymptoms.net/wp-content/themes/Avada/assets/js/main.min.js?ver=3.8.7
200 OK 0 B URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/assets/js/main.min.js?ver=3.8.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/js/main.min.js?ver=3.8.7 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.6.2
200 OK 0 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.6.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/LayerSlider/static/js/layerslider.kreaturamedia.jquery.js?ver=5.6.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:22:19 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
stats.wp.com/e-202139.js
200 OK 0 B IP
GET /e-202139.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 12:53:05 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Fri, 10 Nov 2023 15:21:58 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext
IP
GET /css?family=Lato:100,300,regular,700,900%7COpen+Sans:300%7CIndie+Flower:regular%7COswald:300,regular,700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 12:53:05 GMT
date: Tue, 13 Dec 2022 12:53:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/jetpack/css/jetpack.css?ver=10.1
200 OK 0 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/jetpack/css/jetpack.css?ver=10.1
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=10.1 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Sep 2021 01:10:03 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 0 B URL HTTP/2 heartburnsymptoms.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Mar 2021 02:37:24 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 13 Dec 2022 18:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2
200 OK 0 B URL HTTP/2 heartburnsymptoms.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.7.2 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 11 Mar 2022 01:36:41 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:06 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Tue, 13 Dec 2022 12:53:06 GMT
server: Apache
X-Firefox-Spdy: h2
stats.wp.com/s-202139.js
200 OK 0 B IP
GET /s-202139.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 12:53:05 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-2494"
content-encoding: br
expires: Fri, 10 Nov 2023 16:26:46 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
heartburnsymptoms.net/wp-content/themes/Avada/style.css?ver=3.8.7
200 OK 0 B URL HTTP/2 heartburnsymptoms.net/wp-content/themes/Avada/style.css?ver=3.8.7
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/style.css?ver=3.8.7 HTTP/1.1
Host: heartburnsymptoms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heartburnsymptoms.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 01:11:49 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 12 Jan 2023 12:53:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Tue, 13 Dec 2022 12:53:05 GMT
server: Apache
X-Firefox-Spdy: h2
192.254.188.250
93.184.220.29
23.36.77.32