r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5655
Expires: Tue, 13 Dec 2022 20:16:12 GMT
Date: Tue, 13 Dec 2022 18:41:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18366
Expires: Tue, 13 Dec 2022 23:48:03 GMT
Date: Tue, 13 Dec 2022 18:41:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 18:33:46 GMT
content-type: application/json
age: 491
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13654
Expires: Tue, 13 Dec 2022 22:29:31 GMT
Date: Tue, 13 Dec 2022 18:41:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Apu2w2/Q84xuy1MTbmUjxWQ5gG/ydn2dvEGVWFgzntJxoZTdMbcGlCvjh2C/6SnLOS9dDlNnJbUonh+JKmCiIA==
x-amz-request-id: AM4DVM88R5KAJHS2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 17:50:09 GMT
age: 3108
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 18:41:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 18:07:57 GMT
age: 2040
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
performanceequinevs.com/
67.225.141.82 301 Moved Permanently 0 B IP 67.225.141.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Dec 2022 18:41:57 GMT
Server: Apache
X-Redirect-By: WordPress
X-Content-Type-Options: nosniff
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://performanceequinevs.com/
Cache-Control: max-age=600
Expires: Tue, 13 Dec 2022 18:51:57 GMT
Vary: User-Agent
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Keep-Alive: timeout=2, max=500
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6562
Cache-Control: max-age=144856
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Etag: "639840ac-1d7"
Expires: Thu, 15 Dec 2022 10:56:14 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.74.230 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LamEDSsTeZWneLl1k6yB+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X9b3cTRZDA1XXXD1qUTK6TBCm0g=
performanceequinevs.com/
67.225.141.82 200 OK 20 kB IP 67.225.141.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 2613efcdc37abdda4b70b79ce02c5781
c894edb2dfc53ef43248ab11b3fc8b1f64f6d7b4
575fa2c6867dac1717a32bc25cb3832902944cf6c0bad8fb146e185ae36132e0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Cookie
last-modified: Tue, 13 Dec 2022 18:32:00 GMT
etag: "4ee5-5efb9d5eff385"
accept-ranges: bytes
content-length: 20197
cache-control: max-age=3002, public, public
expires: Tue, 13 Dec 2022 19:32:00 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
link: </wp-content/cache/minify/9f85f.js>; rel=preload; as=script, </wp-content/cache/minify/71cef.js>; rel=preload; as=script, </wp-content/cache/minify/b01bf.js>; rel=preload; as=script, </wp-content/cache/minify/c2926.js>; rel=preload; as=script, </wp-content/cache/minify/aad81.js>; rel=preload; as=script, </wp-content/cache/minify/49e2b.js>; rel=preload; as=script, </wp-content/cache/minify/7fc0e.js>; rel=preload; as=script
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
push-policy: default
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/cache/minify/9f85f.js
67.225.141.82 200 OK 32 kB URL HTTP/2 performanceequinevs.com/wp-content/cache/minify/9f85f.js
IP 67.225.141.82:0
File type ASCII text, with very long lines (25075)
Hash dc6bd607fdfab56b102ff5511140f527
8fe84449c4e81d41d86a2e41fe25ed8f8dee237a
58beda66423c8ca95ddb408a626aabff698e6f373fcd99364bc40c270a8d023e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/minify/9f85f.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:10 GMT
etag: "7b96-5efb9d2f6a656"
accept-ranges: bytes
content-length: 31638
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/cache/minify/b01bf.js
67.225.141.82 200 OK 4.7 kB URL HTTP/2 performanceequinevs.com/wp-content/cache/minify/b01bf.js
IP 67.225.141.82:0
File type ASCII text, with very long lines (1778)
Hash cf74d133898a10a0453433cf76de611e
db67345db6f1bccd5a8ff2d2283a78d18d1f47ad
0e69e2f493ab2b118149b58314d2a15365fe8f004735a5863e12b2a57906ca05
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/minify/b01bf.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:33:10 GMT
etag: "127c-5efb9da1cf7eb"
accept-ranges: bytes
content-length: 4732
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 1f984d58053be39408d40ea947d38943
871048440e5ee63f08e83909802a4cae099d24d2
cf34f29cecf5262d96efec6d5302d083733a55809df7a1c60ebbacce89ada95f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performanceequinevs.com/wp-content/cache/minify/71cef.js
67.225.141.82 200 OK 34 kB URL HTTP/2 performanceequinevs.com/wp-content/cache/minify/71cef.js
IP 67.225.141.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 94b7d051d7b1585698328b56d99c4664
3a980747e438905d1712449b84d3d57306aff8e7
8e2845963086af529bfefc5ac1dc5450f860de791530db4f0a90e45df2880f8a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/minify/71cef.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:11 GMT
etag: "8551-5efb9d300c41d"
accept-ranges: bytes
content-length: 34129
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/cache/minify/49e2b.js
67.225.141.82 200 OK 2.7 kB URL HTTP/2 performanceequinevs.com/wp-content/cache/minify/49e2b.js
IP 67.225.141.82:0
File type ASCII text, with very long lines (8848), with no line terminators
Hash 53237bba9589c1056aae941d839836c7
593b5f7da8fc0005792601feb9a307251b0ff9e1
33a8c0dc4c1437c04502cb3c45ff1fdee769c8cd156b4bb2f04b9398522f2f99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/minify/49e2b.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:33:10 GMT
etag: "a5e-5efb9da1cc90b"
accept-ranges: bytes
content-length: 2654
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/cache/minify/aad81.js
67.225.141.82 200 OK 8.5 kB URL HTTP/2 performanceequinevs.com/wp-content/cache/minify/aad81.js
IP 67.225.141.82:0
File type Unicode text, UTF-8 text, with very long lines (33559), with CRLF line terminators
Hash 64016175999f08f11735dd40e82bb8fb
c7ee4cd9c7e12e77287b6d8ca7f433aba689aca4
283663f6a1d502ccb850704a355c76ec09f6e6a169b03f973c249dcf1a41e2c4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/minify/aad81.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:10 GMT
etag: "211e-5efb9d2f6c596"
accept-ranges: bytes
content-length: 8478
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/cache/minify/7fc0e.js
67.225.141.82 200 OK 24 kB URL HTTP/2 performanceequinevs.com/wp-content/cache/minify/7fc0e.js
IP 67.225.141.82:0
File type ASCII text, with very long lines (32068)
Hash eea663af25d59bd6d6fd829ec6c93fd1
fc0c729697a939aa34575e0bedf8c026ccfa9642
f52d9417e0f1a48124ef84967d7235a8bc7d935ada904bb33129cff5a1893cb9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/minify/7fc0e.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:33:10 GMT
etag: "5cc6-5efb9da1d2ab2"
accept-ranges: bytes
content-length: 23750
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
142.250.74.74 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
IP 142.250.74.74:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Dec 2022 09:45:42 GMT
expires: Mon, 11 Dec 2023 09:45:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 204976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/cache/minify/c2926.js
67.225.141.82 200 OK 27 kB URL HTTP/2 performanceequinevs.com/wp-content/cache/minify/c2926.js
IP 67.225.141.82:0
File type ASCII text, with very long lines (42863)
Hash 3b7c96ee0a5b0235c8b1208962571705
9876d2f2e39c942551ec67e63d55e18b711fbd83
6b59b2fa3074534960256159fb1074fbd249a161c41f95c222e692dcf715d6a2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/cache/minify/c2926.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:11 GMT
etag: "6b25-5efb9d3037b68"
accept-ranges: bytes
content-length: 27429
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
67.225.141.82 200 OK 890 B URL HTTP/2 performanceequinevs.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP 67.225.141.82:0
Hash 77844a96d72d03c84c5e6970c1fe631b
5f02982c93cf4bf4f70d77ea6dfe04d2efcd9b81
0b5162518ddfdb56914db022a95c1a5eca3271ae2f062cfaa939cc5b7094d63c
GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "fbc-5efa4b47683cf-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 890
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-includes/css/classic-themes.min.css?ver=1
67.225.141.82 200 OK 189 B URL HTTP/2 performanceequinevs.com/wp-includes/css/classic-themes.min.css?ver=1
IP 67.225.141.82:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:40:30 GMT
etag: "d9-5efa4ffdf14f1-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 189
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/photo-gallery/booster/assets/css/global.css?ver=1.0.0
67.225.141.82 200 OK 3.3 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/photo-gallery/booster/assets/css/global.css?ver=1.0.0
IP 67.225.141.82:0
Hash 63d096b91bd1a699da6fad0309f88611
19e448e80068e098211b41e4d35ba1b1ccd4be17
788dbf4cee99abb81b629f0d1df6a48ea3317b5143ef26d71bf49c7845bd3f8f
GET /wp-content/plugins/photo-gallery/booster/assets/css/global.css?ver=1.0.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "4eb9-5efa4b476dda6-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3299
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/css/wp-accessibility-helper.min.css?ver=0.5.9.4
67.225.141.82 200 OK 2.0 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/css/wp-accessibility-helper.min.css?ver=0.5.9.4
IP 67.225.141.82:0
File type ASCII text, with very long lines (8452), with CRLF, CR line terminators
Hash 98b634c5f1ae4e79def4655e44d85290
89b334c92a3bcf8e06f3af1aa57810148f678bed
4713e664fd749b2bed55de79ded09875dfbb21f4e53c5dd79632c525638c941f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-accessibility-helper/assets/css/wp-accessibility-helper.min.css?ver=0.5.9.4 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Fri, 14 Oct 2022 17:36:06 GMT
etag: "2107-5eb020f899539-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2005
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
67.225.141.82 200 OK 2.1 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
IP 67.225.141.82:0
File type ASCII text, with very long lines (7609)
Hash b7c2fd201680d0fdae258d6e7c0b0e16
d6b0c3c069b8c33115b8e33c5ce1eff64ef33139
3457dbccf9f39fb5588b077fbe22d0059bdb686e7298ff7b3c4b8154fe550580
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "1dba-5efa4b47683cf-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2081
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/elementor/css/post-636.css?ver=1670865704
67.225.141.82 200 OK 391 B URL HTTP/2 performanceequinevs.com/wp-content/uploads/elementor/css/post-636.css?ver=1670865704
IP 67.225.141.82:0
File type ASCII text, with very long lines (1164), with no line terminators
Hash a2af761ac7d1da63d2f4eb0aa6f34630
e7b808472a81199bca34fa28811f782f81f4dfa9
7090b4e0e8c9e1e56cf66352c0a673403db0828bb8e8b5f73a21a9d718259a48
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-636.css?ver=1670865704 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:21:44 GMT
etag: "48c-5efa4bcc8dc00-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 391
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
67.225.141.82 200 OK 4.0 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP 67.225.141.82:0
File type ASCII text, with very long lines (42839), with no line terminators
Hash e7d460fe41c87ad9e87c0695426d2f92
f16685ccaa6474b82a282f394ef673b27f07fcc9
b92e0e744425caad084ada130f27b25b00c07eecbca8de743686ab33d3cf100f
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "a757-5efa4b47683cf-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3984
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/R5q4jGg09cM
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/R5q4jGg09cM
IP 142.250.74.131:0
Hash 5f45102c1228f204a4a378e07d0565b7
cfba63c53cf016c479ef16251bc02770401a18db
8348e95d18cafe7874e931be60bc0754251ba9cfcad8994ec2b280cbddbe7520
POST /s/gts1d4/R5q4jGg09cM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performanceequinevs.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
67.225.141.82 200 OK 4.0 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 67.225.141.82:0
File type ASCII text, with very long lines (19233)
Hash 24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:22 GMT
etag: "4b4f-5efa4b44ab544-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3961
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.5
67.225.141.82 200 OK 7.0 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.5
IP 67.225.141.82:0
File type ASCII text, with very long lines (45071), with no line terminators
Hash d058b5128a4e0731f3e603fe69922641
9295944dd1b1e14ccb9c9a00c3d15fcef45a2812
04dcf8324fefd64402ee31ccb1c6b2a10062c8c6931ce65f409ef65375437689
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.5 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "b00f-5efa4b476742f-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 7049
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/elementor/css/global.css?ver=1670865704
67.225.141.82 200 OK 2.8 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/elementor/css/global.css?ver=1670865704
IP 67.225.141.82:0
File type ASCII text, with very long lines (14692)
Hash f00834837ba00de274519d6596a78820
7b7ed9c38d9245e494c03168f307f817382c98f9
8e8956beb5b6d582aaabd55c49899aa5dfd0b1d1cf62a8ee239b0755b9325a77
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1670865704 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:21:44 GMT
etag: "9ab3-5efa4bccc3f2a-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2803
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-427613575
142.250.74.168 200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-427613575
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 4d7a661446392e397c8d14fc15b67054
0751758fec50d5cf7125e4bb269501bf04e27ec7
1bd65a016e1feeb481d90b220d279dfad77a2c9373411fa0655899dce932dd29
GET /gtag/js?id=AW-427613575 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:41:58 GMT
expires: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
performanceequinevs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
67.225.141.82 200 OK 12 kB URL HTTP/2 performanceequinevs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 67.225.141.82:0
File type ASCII text, with very long lines (47826)
Hash 8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:40:30 GMT
etag: "172a9-5efa4ffdf2879-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 12518
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-162256409-34
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-162256409-34
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 0e6006b3e55c53594fc359f00e174c36
c6977ff2ba204fc74202c29828368c444b8431f8
72cc3f3366d0a88e56a80256fbb4d40c1b45beb89c28a5f203b85d2b5b079c7d
GET /gtag/js?id=UA-162256409-34 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:41:58 GMT
expires: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.9.0
67.225.141.82 200 OK 18 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.9.0
IP 67.225.141.82:0
File type ASCII text, with very long lines (65497)
Hash 0c666a16413f188d193a142838bdbcab
44dc2286e7e0b6eb4c22be01dd846ae4b1825a61
c07b9f004fe1288f4cf91bf5c782d242c1b0b377c6f8e1f1a8136f477b717f2f
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.9.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:22 GMT
etag: "21a96-5efa4b44a827c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 18303
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RV9QL9HDWF
142.250.74.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RV9QL9HDWF
IP 142.250.74.168:0
File type ASCII text, with very long lines (22462)
Hash 1ed60ddb3feb0584b66a0b2dcd64bc89
32adb3feef5daa69dc7d39dc2bbd2ae818298446
17d408acbe7bce1c43276cb071f102570a87965a2027907285c0608f4db0d574
GET /gtag/js?id=G-RV9QL9HDWF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:41:58 GMT
expires: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76895
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/css/owl.carousel.css
67.225.141.82 200 OK 1.9 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/css/owl.carousel.css
IP 67.225.141.82:0
File type ASCII text, with very long lines (304)
Hash 440501c0aaa53349275941206ba6bda8
ad3fa456dd2f5f02c6749d73cf4be12c5b21c70e
80ca7171dbaf7758f73318be893d888a08dfaa744041f78ecc43a9ba67f4d6ea
GET /wp-content/themes/mts_schema/css/owl.carousel.css HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "1b7b-5a3f5ef7fd300-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 1925
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/css/animate.min.css?ver=6.1.1
67.225.141.82 200 OK 2.6 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/css/animate.min.css?ver=6.1.1
IP 67.225.141.82:0
File type ASCII text, with very long lines (16755)
Hash f33cff0ba0b03380f6b6c50146faf5ee
77c05a2304724273f1145f3dfc660f59fa5d17eb
427029b71729b61a7369a51140e9141a75403e2f5d1cb12f3ccde0384bc41418
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mts_schema/css/animate.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "4238-5a3f5ef7fd300-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2621
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1
67.225.141.82 200 OK 18 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1
IP 67.225.141.82:0
File type assembler source, ASCII text
Hash bf77372ab40280cbb999004e2ec2e6fc
7b5e1a43164fa77c6ba401ddb2dddd47a97d70e3
d187c9a3c431908430f7a689ba1f98546f0d598dd9909c8b1e4a2653e12eae7b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/haven-schema-child/style.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Fri, 28 Oct 2022 17:31:51 GMT
etag: "1c17f-5ec1ba2134fc0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 18223
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/css/responsive.css?ver=6.1.1
67.225.141.82 200 OK 2.5 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/css/responsive.css?ver=6.1.1
IP 67.225.141.82:0
Hash 94002b59df94cd8986029531c38c869f
8c5c6a7b88dd6fbaf23fd8ca38c147d23676f1d8
2a10f9af15aafba89090474d723b0e66cebba6cf0578732838bf937000db1cdf
GET /wp-content/themes/mts_schema/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Fri, 01 May 2020 09:29:52 GMT
etag: "3034-5a492d2c72400-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2536
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1
67.225.141.82 200 OK 7.1 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1
IP 67.225.141.82:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "7918-5a3f5ef7fd300-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 7053
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.0
67.225.141.82 200 OK 37 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.0
IP 67.225.141.82:0
File type ASCII text, with very long lines (65493)
Hash 060b1427f1a385b3b22b164e1808f416
e9f4da0716038abe15be7a65093e9e77d54f0618
0a450b8f2bb6ea677e4d6a7b736720a74e5f561b4fc5ad8975b1fff96445c11b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:23 GMT
etag: "630db-5efa4b461bba3-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 37417
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/google_small_icon.png
67.225.141.82 200 OK 1.1 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/google_small_icon.png
IP 67.225.141.82:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 2606f22605b274be38c1e976e0dfd729
bf8816a7c8944c0225a8c200a272b4dca70959b5
81ff91e4c4794046c6b1c35738923e07413ed7c0a116dc5fbc95b4db9d7b2b4f
GET /wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/google_small_icon.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "431-5efa4b4b201de"
accept-ranges: bytes
content-length: 1073
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg
67.225.141.82 200 OK 1.6 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash d05abf390d4b570b525b3c800fdad3ee
218a5227ebdc0a75488782f54c85c0b21dfa74c9
cbfbe8067fa989262a4cc96558f10686f87c40da2d1cd6f96b01770ac3d7d424
GET /wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Fri, 14 Oct 2022 17:36:06 GMT
etag: "62d-5eb020f899151"
accept-ranges: bytes
content-length: 1581
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2020/08/PEVS-Color-logo1.png
67.225.141.82 200 OK 18 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2020/08/PEVS-Color-logo1.png
IP 67.225.141.82:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 284435d23fa807787ca59ca75c182c34
c2a3cc7cba074b933f6362cbe280572045a2a577
8e942da79801b6ffe2122a9fea5b3f7c694781ea301f08b35ff1dc476bb14e2b
GET /wp-content/uploads/2020/08/PEVS-Color-logo1.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:41 GMT
etag: "471c-5b3c3f4439595"
accept-ranges: bytes
content-length: 18204
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/easy-columns/css/easy-columns.css
67.225.141.82 200 OK 893 B URL HTTP/2 performanceequinevs.com/wp-content/plugins/easy-columns/css/easy-columns.css
IP 67.225.141.82:0
File type ASCII text, with CRLF line terminators
Hash 16350009543f8747d7ae2b74a0c8cd16
1233bc5f5a3e7c725f4d970912d151f41d8c0f4b
6e06042f8ddc316b8d52d4e2c2cb8509f93f8c4f58fd5663e5e506269841cb3c
GET /wp-content/plugins/easy-columns/css/easy-columns.css HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 01 Sep 2022 18:03:04 GMT
etag: "b20-5e7a16cc3f4d2-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 893
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 1f984d58053be39408d40ea947d38943
871048440e5ee63f08e83909802a4cae099d24d2
cf34f29cecf5262d96efec6d5302d083733a55809df7a1c60ebbacce89ada95f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.leadconnectorhq.com/loader.js?ver=6.1.1
35.244.153.18 200 OK 3.2 kB URL HTTP/2 widgets.leadconnectorhq.com/loader.js?ver=6.1.1
IP 35.244.153.18:0
Hash 578ef8ec3c524817ae83ff5a2d697208
f05cb92fc54268c1edd2c7bfddbc5055f319f3df
ba0d54db956dbaa8ae45d8b0cd8a8445a4d0c7862847860d4c1b55b3d2807c2b
GET /loader.js?ver=6.1.1 HTTP/1.1
Host: widgets.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvN1n9-4UJzA_4h331IMfWEfwsEv1UJfmS3Vw-lOdFQkdLEJuWus6ThVIQrRN380v4HpC5FhbnDti4OeaFnaXatThShPA_I
x-goog-generation: 1668134903825170
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3157
x-goog-hash: crc32c=7zWrXQ==, md5=V4747DxSSBeug/9aLWlyCA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3157
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Tue, 13 Dec 2022 18:41:59 GMT
expires: Tue, 13 Dec 2022 19:41:59 GMT
cache-control: public, max-age=3600
last-modified: Fri, 11 Nov 2022 02:48:23 GMT
etag: "578ef8ec3c524817ae83ff5a2d697208"
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performanceequinevs.com/wp-content/themes/mts_schema/theme-specific/doctors/doctor-dup.css?ver=6.1.1
67.225.141.82 200 OK 813 B URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/theme-specific/doctors/doctor-dup.css?ver=6.1.1
IP 67.225.141.82:0
File type ASCII text, with CRLF line terminators
Hash 46dfa13a10f394b404a2c84c458d59f4
72cc68b9902164314f0329d980692fdbf5e6f027
222962b3b74fe402924dad4175bc49f2ef3612b9357139bf39cb105d42d709bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mts_schema/theme-specific/doctors/doctor-dup.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Sat, 13 Jun 2020 06:31:18 GMT
etag: "a36-5a7f157599980-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 813
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/css/slick.css?ver=6.1.1
67.225.141.82 200 OK 1.4 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/css/slick.css?ver=6.1.1
IP 67.225.141.82:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 290d2effc568c4127d37ce004de08124
0fb3c67ec3330f9d46c5e50135f689327d1070a0
935ac3a13726f7b0c2079f638d787d0c36f88957307a0b2c18347be12e8f3734
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mts_schema/css/slick.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Tue, 06 Oct 2020 18:15:12 GMT
etag: "1833-5b10494716c00-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 1392
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
67.225.141.82 200 OK 5.0 kB URL HTTP/2 performanceequinevs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 67.225.141.82:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:40:30 GMT
etag: "48b9-5efa4ffe2f903-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 5009
content-type: application/x-javascript
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/haven-schema-child/assets/animate.min.css?ver=6.1.1
67.225.141.82 200 OK 3.1 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/haven-schema-child/assets/animate.min.css?ver=6.1.1
IP 67.225.141.82:0
File type ASCII text, with CRLF, CR line terminators
Hash 7149bab629da20e2a5c2d3d3ad3a4b03
4066e4a5aaff9066c3dca6003f206aa64cf6acbe
c4e1e9e446ae553ce832da9c0ba70e92b38aa8e86e8e45d2851f8c6aead65d61
GET /wp-content/themes/haven-schema-child/assets/animate.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Tue, 10 Nov 2020 17:23:14 GMT
etag: "78fd-5b3c3ef116b2b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3067
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0
67.225.141.82 200 OK 19 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0
IP 67.225.141.82:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (8705), with CRLF line terminators
Hash 5173bebac8ab5d80ec53cc2d7ca31e28
129e35ca669107583bd54b1570b0a4b45d77cb6a
3687cb446dbc5255d9ffeac14dfa370ebbf44f2b5d1d4b2fd7ef10bf8e191fd7
GET /wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "15ad9-5efa4b4b2194e-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 19044
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/facebook_small_icon.png
67.225.141.82 200 OK 223 B URL HTTP/2 performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/facebook_small_icon.png
IP 67.225.141.82:0
File type PNG image data, 32 x 32, 4-bit colormap, non-interlaced\012- data
Hash cd01d0a0b858636c4ffbdc677340d8ff
bfea29a3622ae145357e4282abaa9a91b31ef5d8
dfc2cd76b621e4cf83c194b1359dd2b2d5f3a915daa2017b58cb9373a6e9ccb5
GET /wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/facebook_small_icon.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "df-5efa4b4b1fa0e"
accept-ranges: bytes
content-length: 223
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2022/05/esp2.png
67.225.141.82 200 OK 37 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2022/05/esp2.png
IP 67.225.141.82:0
File type PNG image data, 300 x 219, 8-bit/color RGBA, non-interlaced\012- data
Hash 1505320da16c16d9d2f6d9b3032ba225
117922218994033697a2a44eb2c8dff7becb52cf
487bc4b6ec3d0a3d46caa6d39116557d998ebfc9c73e73e7a0b873823b4bb59e
GET /wp-content/uploads/2022/05/esp2.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 18 May 2022 04:05:48 GMT
etag: "905c-5df415f4aabb5"
accept-ranges: bytes
content-length: 36956
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/R5q4jGg09cM
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/R5q4jGg09cM
IP 142.250.74.131:0
Hash 5f45102c1228f204a4a378e07d0565b7
cfba63c53cf016c479ef16251bc02770401a18db
8348e95d18cafe7874e931be60bc0754251ba9cfcad8994ec2b280cbddbe7520
POST /s/gts1d4/R5q4jGg09cM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.carecredit.com/sites/pc/image/carecredit_button_applypay_prequal_350x213_green_v1.jpg
104.110.7.17 200 OK 16 kB URL HTTP/2 www.carecredit.com/sites/pc/image/carecredit_button_applypay_prequal_350x213_green_v1.jpg
IP 104.110.7.17:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c5eb202556d77351048bbd5b9e78f30a
7121991330aa644d66cc3706fe28547a4450ed61
dc7c23ceed219b0ae75546d2c01f691d3454c170b32338b5cab4ec956b74bc09
GET /sites/pc/image/carecredit_button_applypay_prequal_350x213_green_v1.jpg HTTP/1.1
Host: www.carecredit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 04 Dec 2022 04:01:33 GMT
server: Akamai Image Manager
x-serial: 288
x-edgeconnect-midmile-rtt: 49
x-edgeconnect-origin-mex-latency: 150
x-check-cacheable: YES
content-length: 15566
content-type: image/webp
cache-control: private, no-transform, max-age=318666
expires: Sat, 17 Dec 2022 11:13:05 GMT
date: Tue, 13 Dec 2022 18:41:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
true_client_ip: 91.90.42.154
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/style.css
67.225.141.82 200 OK 14 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/style.css
IP 67.225.141.82:0
File type Unicode text, UTF-8 text, with very long lines (2006)
Hash 2cdf457471db3afcdc6a163bddb24679
36c89679af3d06afe7b0770f5629191c0f488b15
bcdeb074464657abe2ee6b3d26c73840998284f15a4878f07f75b879e696c0f5
GET /wp-content/themes/mts_schema/style.css HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Tue, 06 Oct 2020 18:22:40 GMT
etag: "10e8f-5b104af255c00-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 14068
content-type: text/css
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12233
Expires: Tue, 13 Dec 2022 22:05:52 GMT
Date: Tue, 13 Dec 2022 18:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12233
Expires: Tue, 13 Dec 2022 22:05:52 GMT
Date: Tue, 13 Dec 2022 18:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12233
Expires: Tue, 13 Dec 2022 22:05:52 GMT
Date: Tue, 13 Dec 2022 18:41:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGXTgoiaug7mLXDpXTDH6KeUbCEV8ZR9tuJRmG2LU_Mqr_hdLnzpBA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:59:55 GMT
age: 74524
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 03:58:00 GMT
age: 53039
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/images/nobg.png
67.225.141.82 200 OK 68 B URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/images/nobg.png
IP 67.225.141.82:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 73031b554fd75a3df2b54c9fc5d2d654
447a248347bf2e003df3dd1750403068575ee019
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
GET /wp-content/themes/mts_schema/images/nobg.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 14:19:26 GMT
etag: "44-5a3f5ef9e5780"
accept-ranges: bytes
content-length: 68
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82729f01d4f9937407d14605a2b611f4
63ef739dbbcd1238da788c05909df21826d9f37b
4420ac61a207ef4d7899632123af2dd2c7421e6d16a494aea33383d37d603038
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5871
x-amzn-requestid: 0c5fa60d-81f3-4796-966d-cf91b6a28939
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWefGstIAMF-zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979df6-7234498f4094f61107741d1c;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f6d2A_b3AN_-g7QFNmtlMhjEitZ4fw9GX5w-xx1PxH-z_FdqjvabTQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:57:41 GMT
age: 74658
etag: "63ef739dbbcd1238da788c05909df21826d9f37b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eCJ1Y9f8WMsfMlaqxVR4kTx0Eacgeqn2TN-df-DPt9nQI9AIrqHkEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:16:33 GMT
age: 73526
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6788236cae1083aaf5a1cf95f1a6c9b
3825506ecfd360bf5352979023f445748373be3b
544d94a4896d3db29f3b6e518503f82776a3feaa55a5e9114b5572da1e667691
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9676
x-amzn-requestid: 6d84c903-9bdb-4255-8324-d87d99cd1979
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWgGHZZoAMFtwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979e00-7964e1ca60e88ca45822b963;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r4L6lushe7nGkttIzAH9dCCjcQ6oVWYMUpMyAubdHl-Rjbh4byzlaA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:53:49 GMT
age: 74890
etag: "3825506ecfd360bf5352979023f445748373be3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703d359edb819eaefc6ccae224bbde15
4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8
0452d24052bef979fd13f1a0fefb4c7803ff91c5afa3c871f85b73eb08f15489
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12144
x-amzn-requestid: 0d00ec22-808c-4f60-98b1-87eef4aad829
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6n0yFORIAMFskA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394201e-58f1a5c87fc341bf56fa9d68;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:58:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sW4dQXExyH6JvbdtSgIPJUiifHh-VfbfcG5hKMaJ4tZA3pO-fobF6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 04:15:05 GMT
age: 52014
etag: "4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b9649509b14db5a889641078ccb05066
92c2224c6a970bf397d23a2fd37de759f74dd46c
6e7d750905e29196f6246744bb30b0ab0c5baa4a3909db5fabad7809b58aa825
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:30:11 GMT
expires: Sat, 09 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 389508
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performanceequinevs.com/wp-content/uploads/2020/11/chevron.png
67.225.141.82 200 OK 192 B URL HTTP/2 performanceequinevs.com/wp-content/uploads/2020/11/chevron.png
IP 67.225.141.82:0
File type PNG image data, 32 x 22, 8-bit colormap, non-interlaced\012- data
Hash 8435e84e91a7cc2348745141403e1738
252fb945a8d15b6bfb6f798ff2336d91fd5928a7
1fb32d07bc61e2fb69e17c215bbded3e57f78c491f15abdb8528cd4e1be7e84b
GET /wp-content/uploads/2020/11/chevron.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 18:18:43 GMT
etag: "c0-5b3c4b582c637"
accept-ranges: bytes
content-length: 192
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2020/11/plus-pat.png
67.225.141.82 200 OK 372 B URL HTTP/2 performanceequinevs.com/wp-content/uploads/2020/11/plus-pat.png
IP 67.225.141.82:0
File type PNG image data, 52 x 52, 8-bit gray+alpha, non-interlaced\012- data
Hash 1dfe7f54329b5d7ae1921efa7f75225a
23232b07138c7c1a1428cf35f8c4c840a5931568
6f0487f95b79b771c35de9584066f71c726e833c6f4f6db3e2df6cf38d913c62
GET /wp-content/uploads/2020/11/plus-pat.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 18:18:44 GMT
etag: "174-5b3c4b594fa40"
accept-ranges: bytes
content-length: 372
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6967930.6323851!2d-85.1062684765957!3d31.48816517793861!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88e88165122ef607%3A0xc4667461729a7b5c!2sPerformance%20Equine%20Veterinary%20Services!5e0!3m2!1sen!2sus!4v1623244730177!5m2!1sen!2sus
216.58.207.228 200 OK 1.6 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6967930.6323851!2d-85.1062684765957!3d31.48816517793861!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88e88165122ef607%3A0xc4667461729a7b5c!2sPerformance%20Equine%20Veterinary%20Services!5e0!3m2!1sen!2sus!4v1623244730177!5m2!1sen!2sus
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3262)
Hash a7df314ad228de14fa16da725d18825c
d9932a19b411f6509eb18b03a6dc1850b9060778
bc95b03d255085d30c23f4993c14197752c8fa877e26045ca572d98ff2a07d04
GET /maps/embed?pb=!1m18!1m12!1m3!1d6967930.6323851!2d-85.1062684765957!3d31.48816517793861!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88e88165122ef607%3A0xc4667461729a7b5c!2sPerformance%20Equine%20Veterinary%20Services!5e0!3m2!1sen!2sus!4v1623244730177!5m2!1sen!2sus HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 18:41:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-KbZXLHlCV_sieABPGaaBJQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1594
x-xss-protection: 0
server-timing: gfet4t7; dur=143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2022/02/equine-veterinarian-ocala-fl.jpeg
67.225.141.82 200 OK 133 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2022/02/equine-veterinarian-ocala-fl.jpeg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 900x600, components 3\012- data
Size 133 kB (132988 bytes)
Hash 498f0be87e620d14c56f0ecd446c9b03
6b93ece18fedb18f9e6ab130bbd2374cb9f18508
6d22d167601d082a90aff04a3d0dff9b30ff3709741d2f9575380d30d7e81ce0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/02/equine-veterinarian-ocala-fl.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Feb 2022 16:16:28 GMT
etag: "2077c-5d79827eb9bf8"
accept-ranges: bytes
content-length: 132988
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2022/02/equine-hospital-ocala-fl.jpeg
67.225.141.82 200 OK 172 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2022/02/equine-hospital-ocala-fl.jpeg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1000x667, components 3\012- data
Size 172 kB (171903 bytes)
Hash a3f279263d5073cb3c020fefd5bb212e
fa876a2c9451f7c502000a2ad056336a99abf24a
28b6b4cae08d1f083680051c62fbdb9ba8c5716801c336ffd4182742ce9aed96
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/02/equine-hospital-ocala-fl.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Feb 2022 16:16:46 GMT
etag: "29f7f-5d798290629f4"
accept-ranges: bytes
content-length: 171903
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performanceequinevs.com/wp-content/uploads/2020/12/3QSllJVIQhmxeCQXpZ8Hjsexr6x0tY7-VA-scaled-e1607544549301.jpeg
67.225.141.82 200 OK 390 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2020/12/3QSllJVIQhmxeCQXpZ8Hjsexr6x0tY7-VA-scaled-e1607544549301.jpeg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1120x1508, components 3\012- data
Size 390 kB (390157 bytes)
Hash f5507c826d78c879c28324d29866966d
7d25355cd6ba11cabe187cf30ee54d63ffd1fd71
02e96ba5c82fe5a4bcff166c911af4f49afb55218702d37b067208142b476aa5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/12/3QSllJVIQhmxeCQXpZ8Hjsexr6x0tY7-VA-scaled-e1607544549301.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 20:09:09 GMT
etag: "5f40d-5b60da1d67573"
accept-ranges: bytes
content-length: 390157
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2020/12/xAKYJZz7isBEdWZSGDglZ4TQivJIoc1QeA.jpg
67.225.141.82 200 OK 11 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2020/12/xAKYJZz7isBEdWZSGDglZ4TQivJIoc1QeA.jpg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Hash 9557af7a875328eb2bd20996e2e9d6fe
2761360db2178548e7f150b8fe7f5a4f8f26b803
81013d6641319b4e3f7e8a1d619374ba1348dd8669fc3460fbfe301e8a0bb7d5
GET /wp-content/uploads/2020/12/xAKYJZz7isBEdWZSGDglZ4TQivJIoc1QeA.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 20:06:39 GMT
etag: "2ae2-5b60d98e27369"
accept-ranges: bytes
content-length: 10978
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/fonts/slick.woff
67.225.141.82 200 OK 1.4 kB URL HTTP/2 performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/fonts/slick.woff
IP 67.225.141.82:0
File type Web Open Font Format, CFF, length 1380, version 1.0\012- data
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-review-slider-pro-premium/public/css/fonts/slick.woff HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "564-5efa4b4b21d36"
accept-ranges: bytes
content-length: 1380
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/font-woff
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2022/02/top-header-bg.jpg
67.225.141.82 200 OK 57 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2022/02/top-header-bg.jpg
IP 67.225.141.82:0
File type gzip compressed data, max compression\012- data
Hash 23244f6101348927192953d45abfded4
838517641474e9244a1b778af25f491994b946af
d9ba990e5c0d75eda6e4239802fa596b18c6365dfb445b024a62a51d158d0df1
GET /wp-content/uploads/2022/02/top-header-bg.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 03 Feb 2022 06:21:40 GMT
etag: "2f581-5d71725b2c5d3"
accept-ranges: bytes
content-length: 193921
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6668df18d0e067cb9d2cdb88facba6a9
8dca458501ed32e2b530d729817e0a12910145ec
8fa090fc36252b04f278f812a6b4f286dc672bbfb6db1402ac814f4f9723f5fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
142.250.74.3 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (2669)
Hash 670da89542ecf04a8bbff2049748654f
2fcd2c31427edfd9b3180e233a009677b0d88973
d1bdcacb4973ce7c60a0f59144bf6fb699eea4fc016ca1780cdf61dbd9efb3bc
GET /maps-api-v3/embed/js/51/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69327
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:12:31 GMT
expires: Thu, 07 Dec 2023 20:12:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
content-type: text/javascript
age: 512968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6668df18d0e067cb9d2cdb88facba6a9
8dca458501ed32e2b530d729817e0a12910145ec
8fa090fc36252b04f278f812a6b4f286dc672bbfb6db1402ac814f4f9723f5fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
performanceequinevs.com/wp-content/uploads/2019/02/Amanda-Cook.jpg
67.225.141.82 200 OK 58 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2019/02/Amanda-Cook.jpg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x400, components 3\012- data
Hash 1ad648df24e8ed75ad4da1054fb22ce9
20c346bbe5f48309594d307ce2222cda0e68d374
1b4c11a6f07923cd0163d3ef23dfb6dbb083dd7c10adbfef29e443683db5667c
GET /wp-content/uploads/2019/02/Amanda-Cook.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:03 GMT
etag: "e2a2-5b3c3f1f94fa2"
accept-ranges: bytes
content-length: 58018
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0
67.225.141.82 200 OK 77 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 67.225.141.82:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://performanceequinevs.com/wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "12d68-5a3f5ef7fd300"
accept-ranges: bytes
content-length: 77160
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/font-woff2
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2019/03/60-VET.jpg
67.225.141.82 200 OK 91 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2019/03/60-VET.jpg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x582, components 3\012- data
Hash 9cc6d8a464e583fc1c6cddc907ae3e06
945f4c92e828d12468d2e69b6298ee88353acb92
91626ecff01caf2531a598ae05ee6b30c070ba9c1900a70494ba61d430e88c0d
GET /wp-content/uploads/2019/03/60-VET.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:19 GMT
etag: "1638c-5b3c3f2f1e2b3"
accept-ranges: bytes
content-length: 91020
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2020/03/Rullan-Gallery-Photo-3.jpg
67.225.141.82 200 OK 105 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2020/03/Rullan-Gallery-Photo-3.jpg
IP 67.225.141.82:0
File type JPEG image data, progressive, precision 8, 618x960, components 3\012- data
Size 105 kB (105377 bytes)
Hash 11aed9098c4ff0ff1608c456131ea7f5
218973757440663f7afdbfdb8a3960e71c3b051b
df1cad869af9750cb63cbe99a692939859a1161b5ad98b9b8ac926a9cfc0305e
GET /wp-content/uploads/2020/03/Rullan-Gallery-Photo-3.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:22 GMT
etag: "19ba1-5b3c3f31b1935"
accept-ranges: bytes
content-length: 105377
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2019/02/resize-IMG_2950.jpg
67.225.141.82 200 OK 242 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2019/02/resize-IMG_2950.jpg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=Canon, model=Canon EOS REBEL T3, resolutionunit=2, datetime=2016:09:07 14:05:30], baseline, precision 8, 1920x1280, components 3\012- data
Size 242 kB (241468 bytes)
Hash 2e7e6e1abce57ad4ebb5418db9e5ee51
493b3fde9c82b0bdbc66ae16a0bdda71f282eb23
b24461a392d96eeb875ad4bb8e4f590873c34a5e10a23bffd87a21e7b8d4670e
GET /wp-content/uploads/2019/02/resize-IMG_2950.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:05 GMT
etag: "3af3c-5b3c3f215014b"
accept-ranges: bytes
content-length: 241468
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2019/02/fieldsurgery-scaled.jpg
67.225.141.82 200 OK 433 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2019/02/fieldsurgery-scaled.jpg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1707, components 3\012- data
Size 433 kB (432986 bytes)
Hash a3650eee13ed80ec1778ed901c2a5bb4
0b2ca429e3601ab9e894891034c26aab39cbcd99
164851de8929e0b8dad38f4e0bc39722f24063b6f7ba4eec669d1bd88625d19c
GET /wp-content/uploads/2019/02/fieldsurgery-scaled.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:08 GMT
etag: "69b5a-5b3c3f247b185"
accept-ranges: bytes
content-length: 432986
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/uploads/2020/12/uARYdqZIRmKeSjoWnsacHvhZap6dsUWBPg-scaled-e1607544729780.jpeg
67.225.141.82 200 OK 508 kB URL HTTP/2 performanceequinevs.com/wp-content/uploads/2020/12/uARYdqZIRmKeSjoWnsacHvhZap6dsUWBPg-scaled-e1607544729780.jpeg
IP 67.225.141.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1971x1133, components 3\012- data
Size 508 kB (508520 bytes)
Hash a48aa0d6fafc075fdb7709bd1b169bf3
5c6291ae61600e006a0678e264298c617fdf3c48
75fa951d61fccf711d9fcc8d2eda670cfbc344d409dd16bd0c4a393d8fbe2e8b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2020/12/uARYdqZIRmKeSjoWnsacHvhZap6dsUWBPg-scaled-e1607544729780.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 20:12:09 GMT
etag: "7c268-5b60dac977018"
accept-ranges: bytes
content-length: 508520
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f3a70d8ddbade77f5a23db8af884c0d6
04ea47aef9f45cfaac947c94a3f56ad9a1a9e610
7ced73077954fcf401b9bddc683d5c3ee38212cca3d30c56a1c2519f986d13b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-RV9QL9HDWF&gtm=2oebu0&_p=951571627&cid=1774996477.1670956918&ul=en-us&sr=1280x1024&_s=1&sid=1670956917&sct=1&seg=0&dl=https%3A%2F%2Fperformanceequinevs.com%2F&dt=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-RV9QL9HDWF&gtm=2oebu0&_p=951571627&cid=1774996477.1670956918&ul=en-us&sr=1280x1024&_s=1&sid=1670956917&sct=1&seg=0&dl=https%3A%2F%2Fperformanceequinevs.com%2F&dt=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RV9QL9HDWF&gtm=2oebu0&_p=951571627&cid=1774996477.1670956918&ul=en-us&sr=1280x1024&_s=1&sid=1670956917&sct=1&seg=0&dl=https%3A%2F%2Fperformanceequinevs.com%2F&dt=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://performanceequinevs.com
date: Tue, 13 Dec 2022 18:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/imgs/slider_arrow.png
67.225.141.82 200 OK 196 B URL HTTP/2 performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/imgs/slider_arrow.png
IP 67.225.141.82:0
File type PNG image data, 9 x 16, 8-bit gray+alpha, non-interlaced\012- data
Hash 2ef00a0cc7dce1f775b3418af1655781
a6d020af873f813c1fddb8bee1e8858e0d1a94be
16be0ced465b05ef7b5b40cdb3cc3e09a1fa52c540a22d327ad9e82ad806dd32
GET /wp-content/plugins/wp-review-slider-pro-premium/public/css/imgs/slider_arrow.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "c4-5efa4b4b2194e"
accept-ranges: bytes
content-length: 196
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
142.250.74.35 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (649)
Size 163 kB (163396 bytes)
Hash aa75370bb1ce2d5b05b0d02f6feecba4
f110915b53288da7b267c51210cfc239dc0b5591
cfb8dadaba93a5e0a08739ce589b55cc61fb93d0c616da564394ce925bef6197
GET /recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 16:04:41 GMT
expires: Wed, 13 Dec 2023 16:04:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
content-type: text/javascript
age: 9439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 13 Dec 2022 17:34:02 GMT
expires: Tue, 13 Dec 2022 19:34:02 GMT
cache-control: public, max-age=7200
age: 4078
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 69a7451c35876a8257f0525d6e9ed93d
506c7fcac44cb8190813b6e1171e42884d26cb5a
3f68d76c4edfb94578f3c10dcef00b865001f6c5f19a71cf7b744557f905cf3a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162 200 OK 924 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2043), with no line terminators
Hash 5db8d3d48887200c9db1e906eece9db3
f64371544fdb1415a106fb78d9baea54d4814e20
27e4b672da8b990526c5dc772527db91b5a1d12dd9e2121a2fbd9d554e12dfe6
GET /pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 18:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 924
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Dec-2022 18:57:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png
67.225.141.82 200 OK 12 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png
IP 67.225.141.82:0
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash d03258c9b842257bdd7d3331ba489bb8
ab1a27211a737e7ae1ec7669e47b68dfbcf17901
6e5ff69148e2ce3877182bf1ec70d1e01abc680cb0c1dd9b28e5b1ef4239d5d2
GET /wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.777209353.1670956918; _ga_RV9QL9HDWF=GS1.1.1670956917.1.0.1670956917.0.0.0; _ga=GA1.1.1774996477.1670956918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 14:19:26 GMT
etag: "30c5-5a3f5ef9e5780"
accept-ranges: bytes
content-length: 12485
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:42:00 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:42:00 GMT
server: Apache
X-Firefox-Spdy: h2
performanceequinevs.com/wp-content/themes/mts_schema/images/favicon.png
67.225.141.82 200 OK 4.2 kB URL HTTP/2 performanceequinevs.com/wp-content/themes/mts_schema/images/favicon.png
IP 67.225.141.82:0
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 9cd9877ac8b6f799cca5d9ee2b784ecd
46696bec58e775cf809dab4969c8f1da036c384b
8a43af0fa70295eb53f1abd57fcdbe8a84b2b9345bfc07f544775aa09be4689f
GET /wp-content/themes/mts_schema/images/favicon.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.777209353.1670956918; _ga_RV9QL9HDWF=GS1.1.1670956917.1.0.1670956917.0.0.0; _ga=GA1.1.1774996477.1670956918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 14:19:26 GMT
etag: "1046-5a3f5ef9e5780"
accept-ranges: bytes
content-length: 4166
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:42:00 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:42:00 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f4942735f0e39273509faff0eb7ae8f7
35252c3eaf3ae6d0b572d960dafd32dd4cb140fd
de447902446c6b4c6ceaae57844d7e9a9ce9ba78d162b9f1fffee64bfea4f3cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 199925093192d6206fa6235535ad8471
3f6a6f790a64f9b85965c5a6be09805a0f38af90
206dd41c7d15caae4f59b111b41f6f9fa317981e800c5d946b83803ca7eb93ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/427613575/?random=1670956917642&cv=11&fst=1670954400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=548269718&rmt_tld=1&ipr=y
142.250.74.67 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/427613575/?random=1670956917642&cv=11&fst=1670954400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=548269718&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/427613575/?random=1670956917642&cv=11&fst=1670954400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=548269718&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 18:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 199925093192d6206fa6235535ad8471
3f6a6f790a64f9b85965c5a6be09805a0f38af90
206dd41c7d15caae4f59b111b41f6f9fa317981e800c5d946b83803ca7eb93ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js
104.17.25.14 200 OK 9.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js
IP 104.17.25.14:0
File type Unicode text, UTF-8 text, with very long lines (26995)
Hash 858480d3acbd708b24c4fb2094a7a4cf
6a8263b9e78ec3706b9472a2351e20f39dd611ad
e9da7fcbd76e5f8bf8a72f403f7e105fa2ac61d6432a690b85afa9d076a44077
GET /ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://widgets.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 18:42:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8967
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "602836ba-7351"
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1195570
expires: Sun, 03 Dec 2023 18:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk0f7bN7uh6jD22K2DYDvCyoj5a%2F9EuhLDgDBbPGHdq9XicjdhEUmUGzHwfSiPhg3Wp%2FEjAd%2FRP6YUoUJE%2FZRXmym6Lx5iQEaEhhoJ7o155zaTA63wpRR7a42EneNMqldO3RFUj7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7790d6539a60b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
104.17.25.14 200 OK 1.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (19157), with no line terminators
Hash 4eade92e5f7544b01a36a5cdd3510af2
fe96da6c2d25fe612714759bdc3e293aaa74e49e
66c8a017eb9d1ff2d2227ffc9ae0af55d186969b062c87f2bb7a920df4f50bc3
GET /ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 18:42:00 GMT
content-type: text/css; charset=utf-8
content-length: 1820
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "602836ba-4ad5"
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1197560
expires: Sun, 03 Dec 2023 18:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAKUDU0%2BEIRUA5QY80lyDdgLuBcwtNr7CEyCGvQu1OtW2glVXHQazcbG8ZaT2gyHs2Dm5dEraHKPiw9mT0thB8t%2Bb1UAeQOjO5c8aHweeYSaI2sGW%2BzzCj7sHVC2wh%2Bnq%2FfZL7MR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7790d65398d3b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 515286
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/7_8ryOK2h0M
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/7_8ryOK2h0M
IP 142.250.74.131:0
Hash 58d8258ce2c51bce837113e9419d4225
291cb9451768fcd34ff70b73910c25180fbef46c
e278a656402a871461ed838a6d859bcae6e9e3a0f155491e070c78214dba2915
POST /s/gts1d4/7_8ryOK2h0M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
IP 142.250.74.131:0
Hash 8ab673ecc49bf329659496731e5746ac
441f0355948f6de4212807cf3f3798d0eef1a16d
57c1139e0a3269c4d7b9848c58c527d5fd517ee6db50d02cbc0cd13a13ed4459
POST /s/gts1d4/jiW5rvgdad0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
IP 142.250.74.131:0
Hash 8ab673ecc49bf329659496731e5746ac
441f0355948f6de4212807cf3f3798d0eef1a16d
57c1139e0a3269c4d7b9848c58c527d5fd517ee6db50d02cbc0cd13a13ed4459
POST /s/gts1d4/jiW5rvgdad0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
msgsndr.com/cors/js/user-session.js
216.239.34.21 200 OK 3.1 kB URL HTTP/2 msgsndr.com/cors/js/user-session.js
IP 216.239.34.21:0
File type ASCII text, with very long lines (7603), with no line terminators
Hash 36edb809ca302f3bbf4ab4205e6a39c3
48256998fef3d86c151ff53140103c82042129e7
0658267c5d72ad075a9888f959c0d82214bda587527da1cafd866201b21646de
GET /cors/js/user-session.js HTTP/1.1
Host: msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://widgets.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
content-encoding: gzip
x-cloud-trace-context: d4dc70002bbd26b8c71ad31960900838
server: Google Frontend
content-length: 3130
accept-ranges: bytes
date: Tue, 13 Dec 2022 18:42:01 GMT
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1db3-49773873e8"
content-type: application/javascript; charset=UTF-8
age: 0
X-Firefox-Spdy: h2
services.leadconnectorhq.com/funnels/funnel/geo-location/
34.120.211.235 204 No Content 0 B URL HTTP/2 services.leadconnectorhq.com/funnels/funnel/geo-location/
IP 34.120.211.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /funnels/funnel/geo-location/ HTTP/1.1
Host: services.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://performanceequinevs.com/
Origin: https://performanceequinevs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
content-length: 0
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
IP 142.250.74.131:0
Hash 8ab673ecc49bf329659496731e5746ac
441f0355948f6de4212807cf3f3798d0eef1a16d
57c1139e0a3269c4d7b9848c58c527d5fd517ee6db50d02cbc0cd13a13ed4459
POST /s/gts1d4/jiW5rvgdad0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP 142.250.74.131:0
Hash d37dba0f1979b048c5be8f26973c9044
37dbbb5faed93e281130e927a096ab81cbac2665
331be714bbd4def6b494c04dc06c1d346e920044bdb7ae0536f35b0459ec4854
POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP 142.250.74.131:0
Hash d37dba0f1979b048c5be8f26973c9044
37dbbb5faed93e281130e927a096ab81cbac2665
331be714bbd4def6b494c04dc06c1d346e920044bdb7ae0536f35b0459ec4854
POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.leadconnectorhq.com/funnels/funnel/geo-location/
34.120.211.235 200 OK 61 B URL HTTP/2 services.leadconnectorhq.com/funnels/funnel/geo-location/
IP 34.120.211.235:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c93e99cc315de521c32982eb1e6e3315
3bf7723215c224c5eddf1daacf2db7499bc2f2ed
a9ce718bc4ef0c988de522526bf1fd63346771c63cb565790c2de1a4d4dfdebf
GET /funnels/funnel/geo-location/ HTTP/1.1
Host: services.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
content-length: 61
etag: W/"3d-O/dyMhXCJMXt3x2qzy23SZvC8u0"
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
services.msgsndr.com/attribution_service/user_session_v3/create_session
34.98.115.9 200 OK 0 B URL HTTP/2 services.msgsndr.com/attribution_service/user_session_v3/create_session
IP 34.98.115.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /attribution_service/user_session_v3/create_session HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://performanceequinevs.com/
Origin: https://performanceequinevs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
content-length: 0
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP 142.250.74.131:0
Hash d37dba0f1979b048c5be8f26973c9044
37dbbb5faed93e281130e927a096ab81cbac2665
331be714bbd4def6b494c04dc06c1d346e920044bdb7ae0536f35b0459ec4854
POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.msgsndr.com/attribution_service/user_session_v3/create_session
34.98.115.9 200 OK 105 B URL HTTP/2 services.msgsndr.com/attribution_service/user_session_v3/create_session
IP 34.98.115.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef0bd07842333262d31588b570641a9c
85feb84849b2783cb667faecd1e3220bf99ec689
bdfda4c427213868db5ef0d23d6fa7b059f335c540120d5f87fb438739260e5b
POST /attribution_service/user_session_v3/create_session HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://performanceequinevs.com
Content-Length: 560
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
content-length: 105
etag: W/"69-hf64SEmyeDy2Z/rs0eMiC/mexok"
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 554fa9188556c1f0dac094819827a9e9
71c7162977f3ff9baf295d684ad45ab394ba33f2
910391e3686ed9314b09693500ccd41995efcdef8d2f4df7eb4c327f2eac2eff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12503
x-amzn-requestid: 805024f4-b82a-4a3d-b0ef-045572febf05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWeeG2lIAMF3vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979df6-358be30b5b63c8bb5248871d;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XiL6HKsj9KMDsukD4kroJFGBFTKJd002Jr8xTDkjXKS8b_lOokLAyw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:53:49 GMT
age: 74897
etag: "71c7162977f3ff9baf295d684ad45ab394ba33f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.1.1
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:normal|Montserrat:700|Montserrat:600&subset=latin
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:normal|Montserrat:700|Montserrat:600&subset=latin
IP 142.250.74.106:0
GET /css?family=Montserrat:normal|Montserrat:700|Montserrat:600&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
IP 142.250.74.106:0
GET /css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2