r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Sat, 28 Jan 2023 06:04:36 GMT
Date: Sat, 28 Jan 2023 05:19:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9066
Expires: Sat, 28 Jan 2023 07:50:28 GMT
Date: Sat, 28 Jan 2023 05:19:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 04:35:28 GMT
content-type: application/json
age: 2634
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8303
Expires: Sat, 28 Jan 2023 07:37:45 GMT
Date: Sat, 28 Jan 2023 05:19:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QsRIKJlttZSlTLP4UiMYlNdGXB1QeZFZjeKxcAjhMPph3mkhYNscaUN/if6Dwzuflizl7FbwGsA=
x-amz-request-id: RM28G3D18P2CZ3T2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 04:20:50 GMT
age: 3512
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 04:41:40 GMT
age: 2263
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.plumvet.com/wp-admin/reviewdocament/index.html
192.124.249.120301 Moved Permanently 266 B URL HTTP/1.1 www.plumvet.com/wp-admin/reviewdocament/index.html
IP 192.124.249.120:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 478f8bdb9b93597ee2a10aac837b944a
8207317ac2a76a0a5df764f74cc1cb3f6f202aa0
6a1c5f42b9d3d4e5b3a9e09edbc2b3a20bc9ed15e2628dc180eeeb87b3f66cae
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/reviewdocament/index.html HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 05:19:22 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 266
Connection: keep-alive
X-Sucuri-ID: 19020
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Location: https://www.plumvet.com/wp-admin/reviewdocament/index.html
Cache-Control: max-age=0
Expires: Sat, 28 Jan 2023 05:19:21 GMT
X-Sucuri-Cache: BYPASS
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3587
Expires: Sat, 28 Jan 2023 06:19:10 GMT
Date: Sat, 28 Jan 2023 05:19:23 GMT
Connection: keep-alive
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 965ab33cbe0726a0df240e1996aaeece
b752f9b2de20ecdd3a23a3c4782ce79bb9b16a4a
eba3360b74dd85aaf0ff39b49d61a8fe884796077ca7b6bb070bb899a0159b27
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 05:19:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 23:21:37 GMT
Expires: Sat, 28 Jan 2023 23:21:37 GMT
ETag: "b752f9b2de20ecdd3a23a3c4782ce79bb9b16a4a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a/TNvS5Yn8JgDqU7kPO4pQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tO1ym7GaCkFB/bo2YEOyoouSwCo=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18727
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 05:19:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18727
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 05:19:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8744995437fb5a3fa77a14c2e72ac6f
f8ad682561dd204e1193bd6ea1fb7e8eccd51610
76445eced51bce8532ffd0ef6131b5c6d8f38a15267bcad99767795f9191efd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10213
x-amzn-requestid: f95cebd1-4305-4dda-b750-4801a441a6a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkFR5oAMFQQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-59ba391e439557731d323660;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1NYK_m9n3VxzpG0TVuBCrI8hKMNfAfWYC2Jbjr5JpHd4XlzYaQi0Pw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:10 GMT
age: 27015
etag: "f8ad682561dd204e1193bd6ea1fb7e8eccd51610"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 26559
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:14:23 GMT
age: 25502
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97118e74a8f60620950e42a11c11d71b
d144bbb82392a6103810ac9baa5346ddbefb5c16
2ce0c9696cf9842243186e86bae28c22896a9f51837f4961b6c7e3cfdfb24bd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b70d7a9-8bf2-490f-9646-c64694e42e42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3774
x-amzn-requestid: deae2f1e-baec-408c-92a7-4859d4afed47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EgFAgoAMFXRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b6-32a2ff1a369e7b5f41ecbabd;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UYb0x8jVdY5lPTL7paxqk8J2gDYs4Hn27fAtzxJ3CapnyWOHulqy4g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:09 GMT
age: 27016
etag: "d144bbb82392a6103810ac9baa5346ddbefb5c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25fd26625a6c5339389faf4f6aa8fc6a
05aed76d3966ea8a02d4bbbeff7b41c8a5aac907
9a29ad65cb7a8632a2c454a4caeb43a10c5152ccf3dbab22d584276bdeeb0dbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d9747a7-0b4d-40bd-8d53-7702f8df2966.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5746
x-amzn-requestid: 8ab00078-cdf9-465a-a493-64a488c9e634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwEIJIAMFutA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3f9b5f031812e32f6625f1e6;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jUVP5rlieH6mUh_fgVz4D636AIMAo2JXJqBgzGSI_CyY2-8Pza4IKw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 27027
etag: "05aed76d3966ea8a02d4bbbeff7b41c8a5aac907"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4ab1206-2f2c-4daf-abf7-d4cc431b79b2.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4ab1206-2f2c-4daf-abf7-d4cc431b79b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e309628617789c29791d3e5d7dfeb19
bdcc8216d475268a7429c69a6b49a2c1febb8ff2
8810db74253ce6101c61ad97c59a3558e4ae7387593ff7ac66003a0d309d04c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4ab1206-2f2c-4daf-abf7-d4cc431b79b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7367
x-amzn-requestid: 1e89d117-3167-4873-b596-f7f93e75d009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EWHDYIAMF1tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b5-17fd5e5649207dff1289c699;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ppdJECiDzgoYOBafVKAzErsXswgAYG83Glj_HFY9KgTJqdC5dqZYwA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:08 GMT
age: 27017
etag: "bdcc8216d475268a7429c69a6b49a2c1febb8ff2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-784137514
142.250.74.168200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-784137514
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash a3325a0f6ea3afc11b34a475fc86cbc2
70d378ce19409e086ffdb02f120c96b3576475c6
7bfdbd6a64c83c99e8e0b11bee34c35a868659d20f894e2a26a5fb154d10916a
GET /gtag/js?id=AW-784137514 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 05:19:25 GMT
expires: Sat, 28 Jan 2023 05:19:25 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash ce98c79696cb0b54c306d740d740dc28
a80dfce9cb4646bb2903b7c6b775e8715057dd28
47007c89c07385b46a16551b5c588fc27077d0fef14cc46814a752d144a38a2f
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 74
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 05:19:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1844
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 01:35:11 GMT
Expires: Sun, 29 Jan 2023 01:35:11 GMT
ETag: "a80dfce9cb4646bb2903b7c6b775e8715057dd28"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
digitalempathyvet.com/wp-content/uploads/2016/03/logo_1.png
192.124.249.5200 OK 5.4 kB URL HTTP/2 digitalempathyvet.com/wp-content/uploads/2016/03/logo_1.png
IP 192.124.249.5:0
File type PNG image data, 100 x 201, 8-bit/color RGBA, non-interlaced\012- data
Hash 0901b679c0a940a1355521f15ea1690f
52a352b365daf988a93fd9dc6a8b5bdaac1e4fd0
633d122d1848fb747fd534780c2dde453d7eed8516f7b7d628731ab81e74a545
GET /wp-content/uploads/2016/03/logo_1.png HTTP/1.1
Host: digitalempathyvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: image/png
content-length: 5371
x-sucuri-id: 19005
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Wed, 13 Jan 2021 22:57:18 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.16
192.124.249.120200 OK 2.4 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.16
IP 192.124.249.120:0
Hash ff742cf973c02adfbb9a9c3ca6c96753
193c469f0b7b6e68f6c528f92a6b9f2da3a5aed0
92986e8aec56577fbb6825ab0ead1300f9b3dfa073ddb1a9d3ef7204200b0af5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=3.0.16 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 2406
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Wed, 12 Oct 2022 05:53:39 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/ays-popup-box/public/css/animate.css?ver=3.3.5
192.124.249.120200 OK 4.1 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/ays-popup-box/public/css/animate.css?ver=3.3.5
IP 192.124.249.120:0
File type ASCII text, with very long lines (57833)
Hash 271471774c22fddeb94aeb8ec2da21b3
0fb2220bf3562642976f228d4c396c084c77947f
7c926ab73df2965e4bca8bc54f74521163d86db8b15b197cc3dacfb6aeaca58e
GET /wp-content/plugins/ays-popup-box/public/css/animate.css?ver=3.3.5 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 4063
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:59 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.12
192.124.249.120200 OK 1.3 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.12
IP 192.124.249.120:0
File type ASCII text, with very long lines (6776), with no line terminators
Hash a1486aa7f53e7a2544d7218fa2801b83
c5335eda6a1d7d2a3ce76dc1467fa30be45be9ba
b4ad8dd4ab4fe07e2622ec28ea4b78275f2f27fd85367a6cece449eb55c8890d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.css?ver=4.8.12 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 1264
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:57 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/holler-box/assets/css/popups.css?ver=1674883162
192.124.249.120200 OK 3.5 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/holler-box/assets/css/popups.css?ver=1674883162
IP 192.124.249.120:0
File type ASCII text, with very long lines (500)
Hash 0075cba54d55953afefd30950b5e229d
93d36bb1707f3fd1bc07ee4322d6f235ed4b39be
630c8e8ea53fe7c45521a5bf4b3dc23f958395c8d72b28e63c0477ae640b5562
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/holler-box/assets/css/popups.css?ver=1674883162 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 3456
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Sat, 26 Nov 2022 02:48:01 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/jquery-collapse-o-matic/css/core_style.css?ver=1.0
192.124.249.120200 OK 238 B URL HTTP/2 www.plumvet.com/wp-content/plugins/jquery-collapse-o-matic/css/core_style.css?ver=1.0
IP 192.124.249.120:0
File type ASCII text, with CRLF line terminators
Hash 344f35bde13f47e2287670b04a0ee39f
04441ce6cc75cd5137edc87de137308726d9acb9
5043a976b6af1b61b224d5476bee6c6fc2e8cac77339fdb58c3f5c7c0a70505a
GET /wp-content/plugins/jquery-collapse-o-matic/css/core_style.css?ver=1.0 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 238
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:57 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/jquery-collapse-o-matic/css/light_style.css?ver=1.6
192.124.249.120200 OK 355 B URL HTTP/2 www.plumvet.com/wp-content/plugins/jquery-collapse-o-matic/css/light_style.css?ver=1.6
IP 192.124.249.120:0
File type ASCII text, with CRLF line terminators
Hash ef93d3df5a32ad8e1900ad6343936213
93491e086305e14e43120cade1b514d94cedd2f9
787f4ed051a2ae35736f32e8b0f787d85d48811a47e7e87bbac0abf1e0f323e9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jquery-collapse-o-matic/css/light_style.css?ver=1.6 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 355
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:57 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.3.4
192.124.249.120200 OK 1.0 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.3.4
IP 192.124.249.120:0
Hash 91021d43ccec9c738942fa50dc9bc5d8
5f8e2def6fffa33de6ca70fc73835fe4349b9aa4
5326397b9984d6c507af588b9c9f8997ce02bd06330034477bafaf252dc0fd06
GET /wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.3.4 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 1042
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:56 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/ays-popup-box/public/js/ays-pb-public.js?ver=3.3.5
192.124.249.120200 OK 1.2 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/ays-popup-box/public/js/ays-pb-public.js?ver=3.3.5
IP 192.124.249.120:0
Hash 58ad755902995e6700006367c1ce28bf
cdec5818d1083404a4c289aff6585477c171e88d
c2f016f1b43d74eba3659c61f0555beba6eabdff3c994e14e75df01ffdc7a384
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ays-popup-box/public/js/ays-pb-public.js?ver=3.3.5 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 1175
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:59 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.9.1
192.124.249.120200 OK 13 kB URL HTTP/2 www.plumvet.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.9.1
IP 192.124.249.120:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7ee8e6b1c8b06e7b52ec40168f0ce075
0d3849773a6cd4b26b40316d4aa0983ce813deb0
e454c2c221cda4c649fe4f625c24552e5d07ef2fd0c4cca08cad6120bedf4161
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/assets/css/style.min.css?ver=7.9.1 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 12819
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:33 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.124.249.120200 OK 4.2 kB URL HTTP/2 www.plumvet.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.124.249.120:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 4169
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Tue, 10 Jan 2023 00:12:50 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.16
192.124.249.120200 OK 7.4 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.16
IP 192.124.249.120:0
Hash d56a58c46b9ae8e301fb62fa8d4ed07a
3667480f20c43cbb54b70cae3c8f722ff170b896
ac82921951fae15a2966e68de2ba6391021a37a5a42ec6bd3334df71041f471d
GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=3.0.16 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 7448
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Wed, 12 Oct 2022 05:53:39 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.124.249.120200 OK 31 kB URL HTTP/2 www.plumvet.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.124.249.120:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 30995
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Tue, 10 Jan 2023 00:12:50 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/uploads/2018/09/header_logo_mobile.png
192.124.249.120200 OK 12 kB URL HTTP/2 www.plumvet.com/wp-content/uploads/2018/09/header_logo_mobile.png
IP 192.124.249.120:0
File type PNG image data, 78 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f27c59aaec569bf174abde5bbcee24f
4e94652b8ff8f089564b84709b9f385f79263b62
fa175463c9825ebe7e3825637c26af6620e33594233020db069bbcd8da0bbae6
GET /wp-content/uploads/2018/09/header_logo_mobile.png HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: image/png
content-length: 12103
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Mon, 15 Oct 2018 22:19:50 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2
192.124.249.120200 OK 369 B URL HTTP/2 www.plumvet.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2
IP 192.124.249.120:0
File type ASCII text, with CRLF line terminators
Hash dbcd09a3eec932ec409e4ec8fbffa7b6
f724362a7bdb90c1cf61345f62d850a36c8f5f89
68f6368451e1d8425b5ae218adae92a05128177bb6b5eb380e4c05179184fb99
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.2 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 369
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Sat, 26 Nov 2022 02:47:59 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/holler-box/assets/js/popups.min.js?ver=1674883162
192.124.249.120200 OK 8.6 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/holler-box/assets/js/popups.min.js?ver=1674883162
IP 192.124.249.120:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (9313)
Hash 341bf0dc2daf19d279a4270ad644d66e
8d3acc8ffbd9498eeea9985077f9ae9baec56002
d60d9e4a5a0aadc9574f3aa83a62ec6e969e357e5358cd60de4748838d9c07cc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/holler-box/assets/js/popups.min.js?ver=1674883162 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 8570
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Sat, 26 Nov 2022 02:48:01 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/jquery-collapse-o-matic/js/collapse.js?ver=1.7.2
192.124.249.120200 OK 3.8 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/jquery-collapse-o-matic/js/collapse.js?ver=1.7.2
IP 192.124.249.120:0
Hash 948f8d6dec19e5b7209e17961760dfd0
20f1e75d32bf29707d845badd4598a675549d93a
b46ba48bc9f507baf2d5be60feba8e86564a2f0551559437218055c05045553e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jquery-collapse-o-matic/js/collapse.js?ver=1.7.2 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 3780
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:57 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
192.124.249.120200 OK 2.9 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP 192.124.249.120:0
File type ASCII text, with very long lines (8290)
Hash e829d54451ad2eb2d4f2f137ecfe09e7
110aca8460cdc6d14548bd063346f26b5bc13eb5
1b53d2d3b35f1625aa732df003fbaaa1b5b3cbfe5b77a2185776081841258e00
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 2888
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:17:12 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.8
192.124.249.120200 OK 12 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.8
IP 192.124.249.120:0
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 71cca87d93a657d6d6e389d73515f10a
8d5fe66ddfcf8364e61ba6a02f06dc412b350229
f08bc22e0b0ebed123c31be4fbdbd01752088d9843958bc642ba9f60cf8c9d11
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.8 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 12467
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:17:09 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/ays-popup-box/public/css/ays-pb-public.css?ver=3.3.5
192.124.249.120200 OK 6.4 kB URL HTTP/2 www.plumvet.com/wp-content/plugins/ays-popup-box/public/css/ays-pb-public.css?ver=3.3.5
IP 192.124.249.120:0
Hash 79f6f069ac3991e6cfb7410ddee29854
3a10963c124af5249951d029f1d6ddc130698aa0
d54fadac5ce249c982d5dbc94fb723426a566e641128207fdfb5653c67f52443
GET /wp-content/plugins/ays-popup-box/public/css/ays-pb-public.css?ver=3.3.5 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: text/css; charset=utf-8
content-length: 6439
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:59 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/uploads/2018/09/plumtrees_logo.png
192.124.249.120200 OK 18 kB URL HTTP/2 www.plumvet.com/wp-content/uploads/2018/09/plumtrees_logo.png
IP 192.124.249.120:0
File type PNG image data, 108 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash e713a1b4091cc80f7510e4fdcf5ef1b8
1232f399c12f02c61a6a6f76973c55dec6993378
30030be4f3b033f218b3ae38f2130e8d32e23c4d7916dae580347f5925ba17b9
GET /wp-content/uploads/2018/09/plumtrees_logo.png HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: image/png
content-length: 18098
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Mon, 15 Oct 2018 22:19:50 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plumvet.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 10:26:49 GMT
expires: Sun, 21 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 586356
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plumvet.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 250046
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.plumvet.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 207931
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.plumvet.com/wp-content/uploads/fusion-scripts/f2e807d923a26e9c7879d6666ca2f6db.min.js?ver=3.9.1
192.124.249.120200 OK 200 kB URL HTTP/2 www.plumvet.com/wp-content/uploads/fusion-scripts/f2e807d923a26e9c7879d6666ca2f6db.min.js?ver=3.9.1
IP 192.124.249.120:0
Size 200 kB (199840 bytes)
Hash ce77a3d436a9e1fcf7191b2fa664d066
9ce1f90c5e859eb9cb2157d1a888e94fb0f54091
6ead5017a9df65a109835164b907f38ac7787a00ab1d58d4035ef855ed060dad
GET /wp-content/uploads/fusion-scripts/f2e807d923a26e9c7879d6666ca2f6db.min.js?ver=3.9.1 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 04:37:58 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
192.124.249.120200 OK 21 kB URL HTTP/2 www.plumvet.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
IP 192.124.249.120:0
File type Web Open Font Format, TrueType, length 21028, version 1.0\012- data
Hash 6b9a736ada76cf8a7ebbf83613292697
9d034292d47aeb744ce0851d50211aa684a6e075
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:26 GMT
content-type: font/woff
content-length: 21028
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:33 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
192.124.249.120200 OK 78 kB URL HTTP/2 www.plumvet.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP 192.124.249.120:0
File type Web Open Font Format (Version 2), TrueType, length 78212, version 331.-31261\012- data
Hash 8c4f474a3aaa695346196b1f33fab616
abc1ae262d760e104a5a5cb68614ac119fd0db18
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:26 GMT
content-type: font/woff2
content-length: 78212
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:16:33 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 780c84bb98c707a45da3fe408e4e075a
081db04c4186dda06649ac2783ed24116918a8e0
6e007c67179bf74db869c6b59d0f8a7f5affbafe45d7c905fd5d796ba0051cfb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 05:19:26 GMT
Last-Modified: Sat, 28 Jan 2023 03:55:47 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: w8OCBXXogCw9KxynR607iMpuxQGelh7qSMYZEZOJeIzEIue1MkciYQ==
Age: 5019
www.gstatic.com/wcm/loader.js
142.250.74.35200 OK 1.3 kB URL HTTP/2 www.gstatic.com/wcm/loader.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (1123)
Hash 22300d54ba7faf32360c95915053014c
ea83f097bd99413f9d8fcb08d0312ba7ba1be99f
2c4c9c9d6af1ad12556ab11c8021eb5c254025ce04500bc885b69984dd562ce5
GET /wcm/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1339
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 04:19:47 GMT
expires: Sat, 28 Jan 2023 05:19:47 GMT
cache-control: public, max-age=3600
age: 3579
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 03:46:59 GMT
expires: Sat, 28 Jan 2023 05:46:59 GMT
cache-control: public, max-age=7200
age: 5547
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b10c572a58f34d8fb28433f25bb9c885
8bc11baa4e367bfcf8738f28000a3befc9866cc8
678014c585151112a3bd14158afd8509eeec3d4bad3117d6ccd9ecaa109107bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: max-age=104497
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:26 GMT
Etag: "63d39152-1d7"
Expires: Sun, 29 Jan 2023 10:21:03 GMT
Last-Modified: Fri, 27 Jan 2023 08:54:42 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.userway.org/widget.js
185.76.9.25200 OK 29 kB URL HTTP/2 cdn.userway.org/widget.js
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (62876)
Hash 877e9ec4eabccff26caa2f461b95ec9d
57ee024604c08a3d5faef62837b962db8d228fbc
cee384c8a548feeaf9164538b99d10cf97c1b0b0e7fa407c3487436ef6463713
GET /widget.js HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 05:19:26 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 27 Jan 2023 11:58:39 GMT
etag: W/"474e19c0d37064545a688a8e3e1a0477"
cache-control: max-age=3600, public
vary: Accept-Encoding
via: 1.1 a370d34019720f60dd35cbe89cb3994a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: IaLJOUdgFviPOQ_dbIZNYkg6QunNV7Czjnv2fY1l1uhZt_7mfGFatw==
age: 2256
x-accel-expires: @1674886585
server: CDN77-Turbo
x-77-nzt: AblMCRR1u8v/tQAAAA
x-77-nzt-ray: af585630e91b3d165eb0d463c6988701
x-cache: HIT
x-age: 181
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/784137514/?random=1674883167225&cv=11&fst=1674883167225&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&auid=1530629655.1674883167&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.194200 OK 941 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/784137514/?random=1674883167225&cv=11&fst=1674883167225&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&auid=1530629655.1674883167&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2037), with no line terminators
Hash 7464f1f6d36454e67ba8303b21dd7456
f8a226cbf1c436ddbfa3dc1ed5f1a2658b16eb2c
5dd2ff307bf56cafadbfa13984a3f8c7a92830b4ce7f6c1173043c4e5bca67e3
GET /pagead/viewthroughconversion/784137514/?random=1674883167225&cv=11&fst=1674883167225&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&auid=1530629655.1674883167&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 05:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 941
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 28-Jan-2023 05:34:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-8JSTY0N9Y7>m=2oe1p0&_p=1583845667&cid=1746641598.1674883167&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674883167&sct=1&seg=0&dl=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&dt=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-8JSTY0N9Y7>m=2oe1p0&_p=1583845667&cid=1746641598.1674883167&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674883167&sct=1&seg=0&dl=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&dt=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8JSTY0N9Y7>m=2oe1p0&_p=1583845667&cid=1746641598.1674883167&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674883167&sct=1&seg=0&dl=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&dt=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Sat, 28 Jan 2023 05:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b10c572a58f34d8fb28433f25bb9c885
8bc11baa4e367bfcf8738f28000a3befc9866cc8
678014c585151112a3bd14158afd8509eeec3d4bad3117d6ccd9ecaa109107bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: max-age=104497
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:26 GMT
Etag: "63d39152-1d7"
Expires: Sun, 29 Jan 2023 10:21:03 GMT
Last-Modified: Fri, 27 Jan 2023 08:54:42 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.userway.org/widgetapp/2023-01-27/widget_app_base_1674820526684.js
185.76.9.25200 OK 39 kB URL HTTP/2 cdn.userway.org/widgetapp/2023-01-27/widget_app_base_1674820526684.js
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
Hash 9824e35e7cc9638af99df1e223a2d9b0
252e23e9d37d56a7d1957f5ab70195f82aa3bf99
6ea8e0801aabb8dd1070e7014e1451f0cca3484dd95ac770656d5dbd815e8f14
GET /widgetapp/2023-01-27/widget_app_base_1674820526684.js HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 05:19:26 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 27 Jan 2023 11:58:37 GMT
etag: W/"1451597cfed7e81751f31e77b2025260"
cache-control: max-age=25920000, public
vary: Accept-Encoding
via: 1.1 8b82a0c44466382daf259dbb61c8f23c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: cAl08DXBHYKmVzPojyEv904JYADcNd023vx_rvPqOTRzlQteaf1Brw==
age: 447
x-accel-expires: @1700743552
server: CDN77-Turbo
x-77-nzt: AblMCRRns+D/3ugAAA
x-77-nzt-ray: af585630e91b3d165eb0d463f4b81b0d
x-cache: HIT
x-age: 59614
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64155726-58&cid=1746641598.1674883167&jid=154204957&gjid=1022447880&_gid=1597265549.1674883168&_u=YCDAgAABAAAAAE~&z=1103265108
173.194.221.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64155726-58&cid=1746641598.1674883167&jid=154204957&gjid=1022447880&_gid=1597265549.1674883168&_u=YCDAgAABAAAAAE~&z=1103265108
IP 173.194.221.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-64155726-58&cid=1746641598.1674883167&jid=154204957&gjid=1022447880&_gid=1597265549.1674883168&_u=YCDAgAABAAAAAE~&z=1103265108 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.plumvet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.plumvet.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 28 Jan 2023 05:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/784137514/?random=1674883167225&cv=11&fst=1674882000000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1818511803&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/784137514/?random=1674883167225&cv=11&fst=1674882000000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1818511803&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/784137514/?random=1674883167225&cv=11&fst=1674882000000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1818511803&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 05:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/784137514/?random=1674883167225&cv=11&fst=1674882000000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1818511803&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/784137514/?random=1674883167225&cv=11&fst=1674882000000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1818511803&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/784137514/?random=1674883167225&cv=11&fst=1674882000000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&tiba=Page%20not%20found%20-%20Vet%20In%20Danbury%20%7C%20Plumtrees%20Animal%20Hospital&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1818511803&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 05:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/attribution/wcm?cc=ZZ&dn=2037488878&cl=qibZCK6U-ooBEKr68_UC
142.250.74.67200 OK 87 B URL HTTP/2 www.google.no/pagead/attribution/wcm?cc=ZZ&dn=2037488878&cl=qibZCK6U-ooBEKr68_UC
IP 142.250.74.67:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 36d9ec9a38ee63b6e93115603d96f7a1
efb8de49ffe231ec8a1266a8ca3a97901356a846
30f732c37c76fae3bcf6bcb7c39492d86abc6c3fbf53dadc4533f89df05c71b2
GET /pagead/attribution/wcm?cc=ZZ&dn=2037488878&cl=qibZCK6U-ooBEKr68_UC HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 05:19:27 GMT
server: cafe
cache-control: private
content-length: 87
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a6a37ab4140c561a21149fe23c5039ba
b92bf9ee84da841b64091e2e6d094477e9c506d7
20e865aaea3b329562a4017c7a4123694c902cdb10a044fd0ef2831c20f6b3c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4abb97e5fd107cb87b896feb33a2159b
757fc267c534b8f5191f97d4c6dce60753e965f2
88d691d314752499a884e54232b88c0d19e4c8163236851b99a0b0d3ac0d7f8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 05:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64155726-58&cid=1746641598.1674883167&jid=154204957&_u=YCDAgAABAAAAAE~&z=5053698
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64155726-58&cid=1746641598.1674883167&jid=154204957&_u=YCDAgAABAAAAAE~&z=5053698
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-64155726-58&cid=1746641598.1674883167&jid=154204957&_u=YCDAgAABAAAAAE~&z=5053698 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 28 Jan 2023 05:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2205719276222895&ev=PageView&dl=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&rl=&if=false&ts=1674883168415&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1674883168414.323591634&it=1674883168150&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2205719276222895&ev=PageView&dl=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&rl=&if=false&ts=1674883168415&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1674883168414.323591634&it=1674883168150&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2205719276222895&ev=PageView&dl=https%3A%2F%2Fwww.plumvet.com%2Fwp-admin%2Freviewdocament%2Findex.html&rl=&if=false&ts=1674883168415&sw=1280&sh=1024&v=2.9.92&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1674883168414.323591634&it=1674883168150&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Jan 2023 05:19:27 GMT
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/uploads/2018/09/plumtrees_favicon.png
192.124.249.120200 OK 3.4 kB URL HTTP/2 www.plumvet.com/wp-content/uploads/2018/09/plumtrees_favicon.png
IP 192.124.249.120:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9275d88b5a608786e5d3ff11106f6243
9eaed780912d1b49f58ff375791d21c386e64453
8dbae75192510491f3f2edff23375ec57d108bc09972835e37c2a613866ce0c5
GET /wp-content/uploads/2018/09/plumtrees_favicon.png HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.1530629655.1674883167; _ga_8JSTY0N9Y7=GS1.1.1674883167.1.0.1674883167.0.0.0; _ga=GA1.1.1746641598.1674883167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:27 GMT
content-type: image/png
content-length: 3425
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Mon, 15 Oct 2018 22:19:50 GMT
accept-ranges: bytes
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/images/spin_wh.svg
185.76.9.25200 OK 0 B URL HTTP/2 cdn.userway.org/widgetapp/images/spin_wh.svg
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
GET /widgetapp/images/spin_wh.svg HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 05:19:27 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
cache-control: max-age=25920000, public
vary: Accept-Encoding
via: 1.1 7c454612f54f08da25a4d31583e0451e.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: 9u6hnSPHC1IqSZpLExCZYPgFRuKgoKKW54nvoFln0Y0ZdCevQnUcVg==
age: 14
x-accel-expires: @1699529254
server: CDN77-Turbo
x-77-nzt: AblMCRS5POr/OXATAA
x-77-nzt-ray: af585630e91b3d165fb0d463b715ee24
x-cache: HIT
x-age: 1273913
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.plumvet.com/wp-admin/reviewdocament/index.html
192.124.249.120404 Not Found 0 B URL HTTP/2 www.plumvet.com/wp-admin/reviewdocament/index.html
IP 192.124.249.120:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/reviewdocament/index.html HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Sat, 28 Jan 2023 05:19:24 GMT
content-type: text/html; charset=UTF-8
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.plumvet.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/2023-01-27/locales/en-US.json
185.76.9.25200 OK 0 B URL HTTP/2 cdn.userway.org/widgetapp/2023-01-27/locales/en-US.json
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
GET /widgetapp/2023-01-27/locales/en-US.json HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.plumvet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 05:19:27 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 27 Jan 2023 11:39:56 GMT
etag: W/"0c4b53012957584c54e80867ff489590"
cache-control: max-age=25920000, public
via: 1.1 6e0da02f02a5cb102417e895dead977a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ZdONpAQnOEiGwrOOxLQFyY5OirmPIGpgSGo-qO-McxrwR9dben1T5w==
age: 38
x-accel-expires: @1700740037
server: CDN77-Turbo
x-77-nzt: AblMCRSzYU3/mvYAAA
x-77-nzt-ray: af585630e91b3d165fb0d463ece66306
x-cache: HIT
x-age: 63130
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.8
192.124.249.120200 OK 0 B URL HTTP/2 www.plumvet.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.8
IP 192.124.249.120:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.8 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:17:09 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.plumvet.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.8
192.124.249.120200 OK 0 B URL HTTP/2 www.plumvet.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.8
IP 192.124.249.120:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.8 HTTP/1.1
Host: www.plumvet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 05:19:25 GMT
content-type: application/javascript; charset=utf-8
x-sucuri-id: 19020
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer
last-modified: Thu, 29 Dec 2022 02:17:09 GMT
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
cdn.userway.org/widgetapp/images/wheel_right_wh.svg
185.76.9.25200 OK 0 B URL HTTP/2 cdn.userway.org/widgetapp/images/wheel_right_wh.svg
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
GET /widgetapp/images/wheel_right_wh.svg HTTP/1.1
Host: cdn.userway.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 05:19:27 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
etag: W/"4471efd520fd01abf13415c6253d668e"
cache-control: max-age=25920000, public
via: 1.1 972139976e4412f67b110b0eeb969592.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: Lomg4Zy9MicnFMhNaI78YPHQTwiiHHnGbjJ7Ze9KCWQi2OA6FabdoQ==
age: 27
x-accel-expires: @1699529273
server: CDN77-Turbo
x-77-nzt: AblMCRTXlPf/JnATAA
x-77-nzt-ray: af585630e91b3d165fb0d463936ae024
x-cache: HIT
x-age: 1273894
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2