Report - performanceequinevs.com/

Report Overview

Submitted URL
performanceequinevs.com/
IP
67.225.141.82
ASN
#32244 LIQUIDWEB
Submitted
2022-12-13 18:42:09
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	1.9 kB	172.217.21.162
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	753 B	757 B	142.250.74.67
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	176 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	67 kB	34.120.237.76
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	998 B	49 kB	142.250.74.35
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	742 B	2.4 kB	216.58.207.228
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	21 kB	142.250.74.46
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	3.0 kB	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.74.230
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	35 kB	142.250.74.74
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	471 B	164 kB	142.250.74.35
services.msgsndr.com	90440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	780 B	34.98.115.9
msgsndr.com	69793	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	3.6 kB	216.239.34.21
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
performanceequinevs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	27 kB	2.7 MB	67.225.141.82
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
www.carecredit.com	100857	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	453 B	16 kB	104.110.7.17
maps.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	70 kB	142.250.74.3
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	896 B	13 kB	104.17.25.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	21 kB	142.250.74.131
widgets.leadconnectorhq.com	157483	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	4.0 kB	35.244.153.18
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	767 B	570 B	216.239.34.36
services.leadconnectorhq.com	309779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	766 B	34.120.211.235

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-13	medium	performanceequinevs.com/	Malware
2022-12-13	medium	performanceequinevs.com/	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/cache/minify/9f85f.js	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/cache/minify/b01bf.js	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/cache/minify/71cef.js	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/cache/minify/49e2b.js	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/cache/minify/aad81.js	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/cache/minify/7fc0e.js	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/cache/minify/c2926.js	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/css/wp-accessibility-helper.min.css?ver=0.5.9.4	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/uploads/elementor/css/post-636.css?ver=1670865704	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.5	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/uploads/elementor/css/global.css?ver=1670865704	Malware
2022-12-13	medium	performanceequinevs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/themes/mts_schema/css/animate.min.css?ver=6.1.1	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.0	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/themes/mts_schema/theme-specific/doctors/doctor-dup.css?ver=6.1.1	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/themes/mts_schema/css/slick.css?ver=6.1.1	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/uploads/2022/02/equine-veterinarian-ocala-fl.jpeg	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/uploads/2022/02/equine-hospital-ocala-fl.jpeg	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/uploads/2020/12/3QSllJVIQhmxeCQXpZ8Hjsexr6x0tY7-VA-scaled-e1607544549301.jpeg	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/fonts/slick.woff	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2022-12-13	medium	performanceequinevs.com/wp-content/uploads/2020/12/uARYdqZIRmKeSjoWnsacHvhZap6dsUWBPg-scaled-e1607544729780.jpeg	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (49)

	URL	Size	First Seen	Last Seen
	maps.googleapis.com/maps-api-v3/api/js/51/3/map.js	73 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:20:58 Last Seen2023-03-12 14:26:19 Times Seen1 Hash a6b70e624b89e269a9c3376fab9d7406 1965c21983f6e3a4b83735c199dc012b45df37b2 3739dcbf43cdc3d8af938bc654fda2ad74cf883c4d9848e314f13ac5b7e56a91 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js	30 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:53 Last Seen2024-04-25 01:33:36 Times Seen608 Hash 2bb45e43faaa3e0a71c8a3a85e8b16aa 843bf10fef7d4504375501fea375dc80b5a4172d b024339fe00039664fe9d06d5b49f9c7790fd3c0a49fe69b44f77360e71483ef Loading...

	performanceequinevs.com/	1.2 kB	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash d2636d104a0006af40df8fae9bf59129 399a6d5046d84b40697b88cc4b122dbdce2d76d4 5fc67d9356088eeb899cd308ee3effc01d3aff9f4a671b68bde92a6001dead02 Loading...

	performanceequinevs.com/	88 B	2023-03-07	2024-04-02
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:45:20 Last Seen2024-04-02 21:23:07 Times Seen33 Hash bd349fc66e18cf981d6e8f57c94a6aa0 8d45ecd8832a85ee53c0a0314a24a47c5bb8eab0 226f03748dc5d59b38c2ed86f6d6c634cb8150af313610fff152dfa88035d83f Loading...

	performanceequinevs.com/wp-content/cache/minify/b01bf.js	15 kB	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/wp-content/cache/minify/b01bf.js IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash 0f5f7c38860342cc74b556adef4e4570 4a6a1306c19c6536cace2b29d3091af04f38ad78 72d2d6a2118aea90a85d41054aff0d2e214ea0692bac2863c5a9344f6269bcfc Loading...

	performanceequinevs.com/wp-content/cache/minify/c2926.js	113 kB	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/wp-content/cache/minify/c2926.js IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash 364456746709a769a52f3794aec63809 76bc2b7ee491470ef3f78b26eee8acc5d4cfdd64 40d75a221bf58fcf6d9971ee7bff88f8950b136e71c1fd2e5f3ecb7581122083 Loading...

	performanceequinevs.com/	270 B	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash 74bf6a2cac32adedb7bd28f33e3e2d76 b1fbbe80d5dc25a56e2c36d71abc6415d5034030 956906b075ce15dc795caea05020be89309ca685f6f4d9d0d96f8ee7686904ff Loading...

	widgets.leadconnectorhq.com/chat-widget/p-41fe6408.js	9.2 kB	2023-03-07	2023-09-09
Pretty URL widgets.leadconnectorhq.com/chat-widget/p-41fe6408.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:53 Last Seen2023-09-09 21:31:26 Times Seen102 Hash 2419853392b26296f49c22610567e747 b9823fad848c04de37ee24174562310d4683ce43 1fa29bec614ba590e3e5eb93b83cea07dcadf9ac3bb304bb059c8c123e57832d Loading...

	performanceequinevs.com/	2.2 kB	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash ae7a878eef7c86f3926835079e9bcd9e 4e14bc594830115702c39fde0bc28e9cb9266cb7 41f9bdb1dd01c269cde79d72acc598c050d0adeca9566c85129a60b732bd26f5 Loading...

	performanceequinevs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-25
Pretty URL performanceequinevs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 04:27:26 Times Seen38041 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	performanceequinevs.com/wp-content/cache/minify/9f85f.js	101 kB	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/wp-content/cache/minify/9f85f.js IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash 74a46316c6de770d4f4290b839992d50 6e4264a29d0b11ce4ef4f46d98bb198484390d18 2e1bf7304b12eae6d6cde0cc5bc483a09f7d3e7a94a676d27012eb963c8546c1 Loading...

	performanceequinevs.com/	315 B	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash a777fd4af312a87c11842c48b611fa9f 046d531c5942a80d7639b31da996e357df90b981 0666e0ad1fc9682906a320a64333830e7f60f375e671a154b36bb178bc414964 Loading...

	widgets.leadconnectorhq.com/chat-widget/chat-widget.esm.js	2.2 kB	2023-03-09	2023-03-14
Pretty URL widgets.leadconnectorhq.com/chat-widget/chat-widget.esm.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 04:52:34 Last Seen2023-03-14 08:07:40 Times Seen1 Hash 4c075339ba3ce33f86bd666442a3471d 279a093ca60ba51f46fe89ec8d215d2838ea43c1 840a4fa832bc1c63e523f6a4bbef91fe36eae539df7f206f2761b76f36a3bbe8 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/overlay.js	3.6 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/overlay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:20:58 Last Seen2023-03-12 14:26:19 Times Seen1 Hash 2e0492d2bda13b0ccdd20c5f4c83b11d c8a294f9e08d8cf20fba2d123838a57952f788ba a2a936e3b225b20034387717209093e03c3e9f85652db2053cc20aeb624086f0 Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=67260	62 B	2023-03-08	2023-08-17
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=67260 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:25:00 Last Seen2023-08-17 14:45:14 Times Seen1761 Hash ac206f9aca43cbd08f77ebff219bad68 a8f70e30f06a72933f89c350b8fcc8e77280ff5d 5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	performanceequinevs.com/	100 B	2023-03-07	2024-04-21
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:54 Last Seen2024-04-21 06:44:44 Times Seen334 Hash b4d3f37f12c20b842849ca0639c02896 b45356cd6ac8aa97b120978939d210a29793bcaa dfe28b5bb81fe6a0f507e293a8c6d0030794725ea028e37b18c5bceaa9d7fff2 Loading...

	performanceequinevs.com/	307 B	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash 1baa03c6b7f4d5e149562c0d7d045b92 d5a0bb4e1e4a566aabf79ed7d90b896bd50b74ce e7d5a80abbd67bd472aeb9ac823c4e2dae8927c64800b98fe4683b130fef3643 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/controls.js	89 kB	2023-03-08	2023-03-13
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:20:58 Last Seen2023-03-13 12:12:46 Times Seen1 Hash a874c64f3161e76c9fc742013031aca7 5391f5b5a07ffdd18e52ce5cd25dc1cb7b8ce0ae fe9c01e4a451cda124f8650fca402d58d984929cbd4fe243fa679f7a1b1ecb0a Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7smklv9w&10e1&11b0&callback=_xdc_._s2ti84&client=google-maps-embed&token=2785	62 B	2023-03-09	2023-03-09
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7smklv9w&10e1&11b0&callback=_xdc_._s2ti84&client=google-maps-embed&token=2785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash 987f35001720b884e585d31e7aba101a eb415b6dc16c50136e42bd19e41b59b16d2fe82d fd584a9c9ef2034e1ccde0fc381925373e787c809a39711134832ab2bbcf580a Loading...

	performanceequinevs.com/	1.6 kB	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash c6c0f13bbbb15e82c29164a633732403 bc59999569d195a91ca791565fa3e5869e0f3219 bfccb3f1cd31d7ff3c12080ede8e882373940116bf2332adbbfd4e627a119d35 Loading...

	performanceequinevs.com/	66 B	2023-03-07	2023-11-16
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:45:20 Last Seen2023-11-16 18:09:52 Times Seen9 Hash 7c45495fb43aada18954e4a5d17703a4 1b7a47fb041abaeb2d07ce07122dddcaeaca0138 276c947c160de3a524941bb81fe1ffcd46da1e2228b044a685d3242afc4f49a6 Loading...

	www.google.com/recaptcha/api.js?render=explicit	852 B	2023-03-09	2023-03-12
Pretty URL www.google.com/recaptcha/api.js?render=explicit IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:35:03 Last Seen2023-03-12 17:21:18 Times Seen1 Hash 320787e2ca63ae7c22ab1bddcb5f6254 fc07b77335e829d333cd36c9ca0117a9fe1bd25a 05f1af483849cc9e389283c9ee20c3fbcdb0238220edb5900a40b62f41bce6a4 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/search_impl.js	2.8 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/search_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:20:58 Last Seen2023-03-12 14:20:02 Times Seen1 Hash cde277258c2a61dcde9d567f621e2bd7 1a4612c8c31d6b225385daf418589144f352b1e9 45cdd36ac50849b2e390133b01636a68acb05b60847c92d2508e44db03d1e3d0 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d10.478339922035698&2d-102.45487923768238&2m2&1d46.57039965349199&2d-61.70577954087689&2u2&4sen&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._vujuzg&client=google-maps-embed&token=109104	10 kB	2023-03-09	2023-03-09
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d10.478339922035698&2d-102.45487923768238&2m2&1d46.57039965349199&2d-61.70577954087689&2u2&4sen&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._vujuzg&client=google-maps-embed&token=109104 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash c09beeecce17e1afa963dbd6be56a18f 8e18a417a57941a0f3defd72faa077e283624602 b7df6f71245e99031e804d2f5ba1036df1d671bebebf9be6df8ed18e46c72449 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 08:46:50 Times Seen37058701 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	performanceequinevs.com/wp-content/cache/minify/71cef.js	193 kB	2023-03-08	2024-01-09
Pretty URL performanceequinevs.com/wp-content/cache/minify/71cef.js IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:45:53 Last Seen2024-01-09 06:18:54 Times Seen19 Hash c28fe5eadbc4316d46e5131f4af2ea48 ffd89ab5613a232e0c69781a1cfbc4accf6183bb b2461b2ade977130f72a59c75e03fc12db371ad514dbbbb566cd9eea730ae7bf Loading...

	msgsndr.com/cors/js/user-session.js	7.6 kB	2023-03-07	2023-04-17
Pretty URL msgsndr.com/cors/js/user-session.js IP 216.239.34.21 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:53 Last Seen2023-04-17 13:58:34 Times Seen12 Hash b22d5b097a065764647b9e18768dee43 2cbcf1669414f7948d05cce03c935395b8f0c583 2fddb0152b7827669035a54fcc3b4bf03c675b80fa6ec0ec48478e581db914de Loading...

	www.googletagmanager.com/gtag/js?id=AW-427613575	138 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=AW-427613575 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash f04f354791c671f3cd133858307c6982 dc72f63807562e12bf8bd772c3b65c8fe62d2b86 586e40a1a109d787ec37adf9699fcdf1fbc377b23f947029914bbba66ddbcbe9 Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad	174 kB	2023-03-09	2023-03-09
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash 026a0514092a9e211a5053f1a2833789 82468bf70b8d419ac5801e5ee716fd645d30c699 681b3e5a162a1c0b9b3de9e23d6794cc44975f5ee02aaf44f2eb4cb7ded87ab0 Loading...

	performanceequinevs.com/	153 B	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:32 Last Seen2023-03-09 07:21:32 Times Seen1 Hash a60459c1c3936e731a4650032515f95b 853d89c61f67366bdbf5bf4c18652d682279e25f 070b23744327afff919a6f1f862108722b96bfdb18c3e591eb48a0d01e7ad16d Loading...

	performanceequinevs.com/wp-content/cache/minify/7fc0e.js	94 kB	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/wp-content/cache/minify/7fc0e.js IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash 977abf64fa14d557b962241204498a7a 49fc76215f38109b44b16675916a5c94e455491a 9ef51f1712fe0d95eafa7a7d2904ddc011d70ea100aef360291dcf367f96f60d Loading...

	www.googletagmanager.com/gtag/js?id=G-1X0XQRMB4F	220 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-1X0XQRMB4F IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash f87616ead84355a79176861c391ef53b fdee28e2606ae0e1a7d1da3efe7865965ad06382 e0af8d2c46ff116c2e4e3608529f8a618ce17d268389f51d57f00ed643e0710e Loading...

	performanceequinevs.com/wp-content/cache/minify/aad81.js	34 kB	2023-03-09	2023-09-17
Pretty URL performanceequinevs.com/wp-content/cache/minify/aad81.js IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-09-17 09:44:39 Times Seen4 Hash 2eceb0afd00c055580e5247d138f37e8 4ba5d4fa2bb2783137c3763152210e3bc4918f71 bb3b197da1ff7e170c937d7373d61fe131998bafca4cabd4269a753d213f8ff1 Loading...

	performanceequinevs.com/	156 B	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash 76a08e5929969a8f37f3ccfdf4f2be48 b641bcd64bf916546b113aa993da551942655a96 2f5ce48cf4e0f329853a6412f87df808255ce60a2a6111c1466387120c476ae3 Loading...

	performanceequinevs.com/	152 B	2023-03-09	2023-03-09
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash dfa32bb526de96fe6b4c7b425aea1187 5046505447d71e28c377be4887069818df4948cb da27d58fe72ab4ec4e05558d8b55b3220b22c1b63b6c70fe9f289cdf25d7ecd3 Loading...

	performanceequinevs.com/	71 B	2023-03-09	2024-04-02
Pretty URL performanceequinevs.com/ IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2024-04-02 21:23:08 Times Seen8 Hash 98f1bc99d1b2195c8064697d4ab866bb aac4ee9e781ecbd2793bf903edbf018e0e44234b 2bf283c8e4d4cb02d887824100d405d1b1fa3805c242a4062c49a7271140b470 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/common.js	255 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:11:43 Last Seen2023-03-12 14:26:19 Times Seen1 Hash 87c978a83e6f6fd3a5b91c95334bcb8d 4c34d1820d01eeaf501a662fa7cefa777174e966 32999fee543995c67d5f35c2432cccc8a0df808c6e3aa5697e751e694e4a8cef Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/onion.js	27 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:20:58 Last Seen2023-03-12 14:26:19 Times Seen1 Hash 780b6c1321276326ff3d8edb19a729aa 4125d5b9d1fee8f3986eb360476886b4b17780f2 2aed3514a9d3aa64cbfcfcbe83cf138d9a60fe2cfb4ac1bd1b447f9605c2dac4 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7smkltnd&10e1&11b0&callback=_xdc_._xlguio&client=google-maps-embed&token=100574	62 B	2023-03-09	2023-03-09
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7smkltnd&10e1&11b0&callback=_xdc_._xlguio&client=google-maps-embed&token=100574 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash 2556b0f42abd976823c1d481ca0c5975 933cbacbf17b46dc7a9ed7a27fcb2ebeddb4f5eb 1a9ed860608136f0585afc2ce3b22bb0c4672f587fb06010dea24db0429a1f33 Loading...

	widgets.leadconnectorhq.com/loader.js?ver=6.1.1	3.2 kB	2023-03-09	2023-10-18
Pretty URL widgets.leadconnectorhq.com/loader.js?ver=6.1.1 IP 35.244.153.18 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 04:52:34 Last Seen2023-10-18 06:26:44 Times Seen147 Hash 578ef8ec3c524817ae83ff5a2d697208 f05cb92fc54268c1edd2c7bfddbc5055f319f3df ba0d54db956dbaa8ae45d8b0cd8a8445a4d0c7862847860d4c1b55b3d2807c2b Loading...

	www.googletagmanager.com/gtag/js?id=UA-162256409-34	112 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-162256409-34 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash 5830bf6225ca17502a4b2bffdb3333f1 ba10412a1ab91e8f0f4aff3b995fbd29881f8eab 58c29548ae242e34b32197c81ee1a1d1d01fc6c9ed96d9e9d758266ff82edff6 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/3/util.js	170 kB	2023-03-08	2023-03-12
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/3/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:11:43 Last Seen2023-03-12 14:26:19 Times Seen1 Hash 75a28a7654f3cb167466fc9f53f26857 f0608e6738a9929564fc924d3f7b8ca719410344 ca9a23567883cb5e3c7b2d81005271db6d3753e2186c625acbf88ad47e282041 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d8.268424998318288&2d-122.64830414172127&2m2&1d50.98862082296277&2d-42.72019582464449&2u5&4sen&5e0&6sm%40629000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._qlilma&client=google-maps-embed&token=26563	27 kB	2023-03-09	2023-03-09
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d8.268424998318288&2d-122.64830414172127&2m2&1d50.98862082296277&2d-42.72019582464449&2u5&4sen&5e0&6sm%40629000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._qlilma&client=google-maps-embed&token=26563 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash 6ca9cfa5544bb83c03406bc39d69fdb6 7a6f33f40a1027c9677ed073aff6f41ece77bf9f 9c00c05e9753e9387d13cd14fc1f1915c0f03ec69509f377933107dd8f9c729d Loading...

	www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js	410 kB	2023-03-09	2023-11-27
Pretty URL www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:38:37 Last Seen2023-11-27 18:41:35 Times Seen13 Hash 56c26456a687498212ac9f8d60c32cb4 41f1a7ca70227b93e58a7f56973c9169ff08478c cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-09	2023-03-09
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash 9c82a0399e3e8883edf021c2c698966f ce82c06be0255ffd987933df75c691f10546a7e7 5fe65d38587ee66262b47de1c4e4694e4cf91090986c6cdf174b159f82b1e743 Loading...

	widgets.leadconnectorhq.com/chat-widget/p-646c0959.entry.js	50 kB	2023-03-09	2023-03-14
Pretty URL widgets.leadconnectorhq.com/chat-widget/p-646c0959.entry.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 04:52:34 Last Seen2023-03-14 08:07:40 Times Seen1 Hash 49da3a21db26f1b8a071554e61d681b3 646c095923e451f35d266b5b4767f6ce61c9d991 b4253ea68169f6a0845e3dce47c5e6fc2e38e5cba44181d6d230b9cd835e0433 Loading...

	www.googletagmanager.com/gtag/js?id=G-RV9QL9HDWF	221 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-RV9QL9HDWF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2023-03-09 07:21:33 Times Seen1 Hash 095e79ecd1af3a55c0ad31b301e9a788 6cc20ccba04244f3798efdc6d486bcf2233292ba 46c54e410e5c4343d3fc2a695acb91d7c250d51db49f251dda54c04c2eb9f481 Loading...

	performanceequinevs.com/wp-content/cache/minify/49e2b.js	8.8 kB	2023-03-09	2024-04-02
Pretty URL performanceequinevs.com/wp-content/cache/minify/49e2b.js IP 67.225.141.82 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:21:33 Last Seen2024-04-02 21:23:09 Times Seen67 Hash e2a2b2e47dd1e4685186113751906f3a 02e77f5f7a7d7435591f0cd7d7bad4adf4e895b3 9f0e448d480a90adda1c81fc5ee817a864e612910a0a7e30b09f9da2ede64dca Loading...

HTTP Transactions (133)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5655
Expires: Tue, 13 Dec 2022 20:16:12 GMT
Date: Tue, 13 Dec 2022 18:41:57 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18366
Expires: Tue, 13 Dec 2022 23:48:03 GMT
Date: Tue, 13 Dec 2022 18:41:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 18:33:46 GMT
content-type: application/json
age: 491
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13654
Expires: Tue, 13 Dec 2022 22:29:31 GMT
Date: Tue, 13 Dec 2022 18:41:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Apu2w2/Q84xuy1MTbmUjxWQ5gG/ydn2dvEGVWFgzntJxoZTdMbcGlCvjh2C/6SnLOS9dDlNnJbUonh+JKmCiIA==
x-amz-request-id: AM4DVM88R5KAJHS2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 17:50:09 GMT
age: 3108
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 18:41:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 18:07:57 GMT
age: 2040
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

performanceequinevs.com/

67.225.141.82

301 Moved Permanently

0 B

URL HTTP/1.1
performanceequinevs.com/
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Dec 2022 18:41:57 GMT
Server: Apache
X-Redirect-By: WordPress
X-Content-Type-Options: nosniff
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://performanceequinevs.com/
Cache-Control: max-age=600
Expires: Tue, 13 Dec 2022 18:51:57 GMT
Vary: User-Agent
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Keep-Alive: timeout=2, max=500
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
de9e80c3bbe25e8623562110be8b8c9c
013f87db47c4ce3daf3380bc5e0ac3b1b496fe6f
792d587777c03d661a39a0593b71b3ec7611cb6e9d7a834bc79f28e6ace19692

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6562
Cache-Control: max-age=144856
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Etag: "639840ac-1d7"
Expires: Thu, 15 Dec 2022 10:56:14 GMT
Last-Modified: Tue, 13 Dec 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LamEDSsTeZWneLl1k6yB+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X9b3cTRZDA1XXXD1qUTK6TBCm0g=

performanceequinevs.com/

67.225.141.82

200 OK

20 kB

URL HTTP/2
performanceequinevs.com/
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
20 kB (20197 bytes)
Hash
2613efcdc37abdda4b70b79ce02c5781
c894edb2dfc53ef43248ab11b3fc8b1f64f6d7b4
575fa2c6867dac1717a32bc25cb3832902944cf6c0bad8fb146e185ae36132e0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,Cookie
last-modified: Tue, 13 Dec 2022 18:32:00 GMT
etag: "4ee5-5efb9d5eff385"
accept-ranges: bytes
content-length: 20197
cache-control: max-age=3002, public, public
expires: Tue, 13 Dec 2022 19:32:00 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
link: </wp-content/cache/minify/9f85f.js>; rel=preload; as=script, </wp-content/cache/minify/71cef.js>; rel=preload; as=script, </wp-content/cache/minify/b01bf.js>; rel=preload; as=script, </wp-content/cache/minify/c2926.js>; rel=preload; as=script, </wp-content/cache/minify/aad81.js>; rel=preload; as=script, </wp-content/cache/minify/49e2b.js>; rel=preload; as=script, </wp-content/cache/minify/7fc0e.js>; rel=preload; as=script
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
push-policy: default
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/cache/minify/9f85f.js

67.225.141.82

200 OK

32 kB

URL HTTP/2
performanceequinevs.com/wp-content/cache/minify/9f85f.js
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (25075)
Size
32 kB (31638 bytes)
Hash
dc6bd607fdfab56b102ff5511140f527
8fe84449c4e81d41d86a2e41fe25ed8f8dee237a
58beda66423c8ca95ddb408a626aabff698e6f373fcd99364bc40c270a8d023e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/minify/9f85f.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:10 GMT
etag: "7b96-5efb9d2f6a656"
accept-ranges: bytes
content-length: 31638
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/cache/minify/b01bf.js

67.225.141.82

200 OK

4.7 kB

URL HTTP/2
performanceequinevs.com/wp-content/cache/minify/b01bf.js
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (1778)
Size
4.7 kB (4732 bytes)
Hash
cf74d133898a10a0453433cf76de611e
db67345db6f1bccd5a8ff2d2283a78d18d1f47ad
0e69e2f493ab2b118149b58314d2a15365fe8f004735a5863e12b2a57906ca05

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/minify/b01bf.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:33:10 GMT
etag: "127c-5efb9da1cf7eb"
accept-ranges: bytes
content-length: 4732
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1f984d58053be39408d40ea947d38943
871048440e5ee63f08e83909802a4cae099d24d2
cf34f29cecf5262d96efec6d5302d083733a55809df7a1c60ebbacce89ada95f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

performanceequinevs.com/wp-content/cache/minify/71cef.js

67.225.141.82

200 OK

34 kB

URL HTTP/2
performanceequinevs.com/wp-content/cache/minify/71cef.js
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34129 bytes)
Hash
94b7d051d7b1585698328b56d99c4664
3a980747e438905d1712449b84d3d57306aff8e7
8e2845963086af529bfefc5ac1dc5450f860de791530db4f0a90e45df2880f8a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/minify/71cef.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:11 GMT
etag: "8551-5efb9d300c41d"
accept-ranges: bytes
content-length: 34129
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/cache/minify/49e2b.js

67.225.141.82

200 OK

2.7 kB

URL HTTP/2
performanceequinevs.com/wp-content/cache/minify/49e2b.js
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (8848), with no line terminators
Size
2.7 kB (2654 bytes)
Hash
53237bba9589c1056aae941d839836c7
593b5f7da8fc0005792601feb9a307251b0ff9e1
33a8c0dc4c1437c04502cb3c45ff1fdee769c8cd156b4bb2f04b9398522f2f99

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/minify/49e2b.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:33:10 GMT
etag: "a5e-5efb9da1cc90b"
accept-ranges: bytes
content-length: 2654
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/cache/minify/aad81.js

67.225.141.82

200 OK

8.5 kB

URL HTTP/2
performanceequinevs.com/wp-content/cache/minify/aad81.js
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
Unicode text, UTF-8 text, with very long lines (33559), with CRLF line terminators
Size
8.5 kB (8478 bytes)
Hash
64016175999f08f11735dd40e82bb8fb
c7ee4cd9c7e12e77287b6d8ca7f433aba689aca4
283663f6a1d502ccb850704a355c76ec09f6e6a169b03f973c249dcf1a41e2c4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/minify/aad81.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:10 GMT
etag: "211e-5efb9d2f6c596"
accept-ranges: bytes
content-length: 8478
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/cache/minify/7fc0e.js

67.225.141.82

200 OK

24 kB

URL HTTP/2
performanceequinevs.com/wp-content/cache/minify/7fc0e.js
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (32068)
Size
24 kB (23750 bytes)
Hash
eea663af25d59bd6d6fd829ec6c93fd1
fc0c729697a939aa34575e0bedf8c026ccfa9642
f52d9417e0f1a48124ef84967d7235a8bc7d935ada904bb33129cff5a1893cb9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/minify/7fc0e.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:33:10 GMT
etag: "5cc6-5efb9da1d2ab2"
accept-ranges: bytes
content-length: 23750
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4

142.250.74.74

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.12.4 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Dec 2022 09:45:42 GMT
expires: Mon, 11 Dec 2023 09:45:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 204976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/cache/minify/c2926.js

67.225.141.82

200 OK

27 kB

URL HTTP/2
performanceequinevs.com/wp-content/cache/minify/c2926.js
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (42863)
Size
27 kB (27429 bytes)
Hash
3b7c96ee0a5b0235c8b1208962571705
9876d2f2e39c942551ec67e63d55e18b711fbd83
6b59b2fa3074534960256159fb1074fbd249a161c41f95c222e692dcf715d6a2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/cache/minify/c2926.js HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 13 Dec 2022 18:31:11 GMT
etag: "6b25-5efb9d3037b68"
accept-ranges: bytes
content-length: 27429
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/x-javascript
content-encoding: gzip
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1

67.225.141.82

200 OK

890 B

URL HTTP/2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text
Size
890 B (890 bytes)
Hash
77844a96d72d03c84c5e6970c1fe631b
5f02982c93cf4bf4f70d77ea6dfe04d2efcd9b81
0b5162518ddfdb56914db022a95c1a5eca3271ae2f062cfaa939cc5b7094d63c

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "fbc-5efa4b47683cf-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 890
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-includes/css/classic-themes.min.css?ver=1

67.225.141.82

200 OK

189 B

URL HTTP/2
performanceequinevs.com/wp-includes/css/classic-themes.min.css?ver=1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:40:30 GMT
etag: "d9-5efa4ffdf14f1-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 189
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/photo-gallery/booster/assets/css/global.css?ver=1.0.0

67.225.141.82

200 OK

3.3 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/photo-gallery/booster/assets/css/global.css?ver=1.0.0
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text
Size
3.3 kB (3299 bytes)
Hash
63d096b91bd1a699da6fad0309f88611
19e448e80068e098211b41e4d35ba1b1ccd4be17
788dbf4cee99abb81b629f0d1df6a48ea3317b5143ef26d71bf49c7845bd3f8f

HTTP Headers

GET /wp-content/plugins/photo-gallery/booster/assets/css/global.css?ver=1.0.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "4eb9-5efa4b476dda6-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3299
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/css/wp-accessibility-helper.min.css?ver=0.5.9.4

67.225.141.82

200 OK

2.0 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/css/wp-accessibility-helper.min.css?ver=0.5.9.4
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (8452), with CRLF, CR line terminators
Size
2.0 kB (2005 bytes)
Hash
98b634c5f1ae4e79def4655e44d85290
89b334c92a3bcf8e06f3af1aa57810148f678bed
4713e664fd749b2bed55de79ded09875dfbb21f4e53c5dd79632c525638c941f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-accessibility-helper/assets/css/wp-accessibility-helper.min.css?ver=0.5.9.4 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Fri, 14 Oct 2022 17:36:06 GMT
etag: "2107-5eb020f899539-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2005
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6

67.225.141.82

200 OK

2.1 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (7609)
Size
2.1 kB (2081 bytes)
Hash
b7c2fd201680d0fdae258d6e7c0b0e16
d6b0c3c069b8c33115b8e33c5ce1eff64ef33139
3457dbccf9f39fb5588b077fbe22d0059bdb686e7298ff7b3c4b8154fe550580

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "1dba-5efa4b47683cf-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2081
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/elementor/css/post-636.css?ver=1670865704

67.225.141.82

200 OK

391 B

URL HTTP/2
performanceequinevs.com/wp-content/uploads/elementor/css/post-636.css?ver=1670865704
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (1164), with no line terminators
Size
391 B (391 bytes)
Hash
a2af761ac7d1da63d2f4eb0aa6f34630
e7b808472a81199bca34fa28811f782f81f4dfa9
7090b4e0e8c9e1e56cf66352c0a673403db0828bb8e8b5f73a21a9d718259a48

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-636.css?ver=1670865704 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:21:44 GMT
etag: "48c-5efa4bcc8dc00-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 391
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5

67.225.141.82

200 OK

4.0 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (42839), with no line terminators
Size
4.0 kB (3984 bytes)
Hash
e7d460fe41c87ad9e87c0695426d2f92
f16685ccaa6474b82a282f394ef673b27f07fcc9
b92e0e744425caad084ada130f27b25b00c07eecbca8de743686ab33d3cf100f

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "a757-5efa4b47683cf-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3984
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/R5q4jGg09cM

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/R5q4jGg09cM
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f45102c1228f204a4a378e07d0565b7
cfba63c53cf016c479ef16251bc02770401a18db
8348e95d18cafe7874e931be60bc0754251ba9cfcad8994ec2b280cbddbe7520

HTTP Headers

POST /s/gts1d4/R5q4jGg09cM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

performanceequinevs.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

67.225.141.82

200 OK

4.0 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (19233)
Size
4.0 kB (3961 bytes)
Hash
24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:22 GMT
etag: "4b4f-5efa4b44ab544-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3961
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.5

67.225.141.82

200 OK

7.0 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.5
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (45071), with no line terminators
Size
7.0 kB (7049 bytes)
Hash
d058b5128a4e0731f3e603fe69922641
9295944dd1b1e14ccb9c9a00c3d15fcef45a2812
04dcf8324fefd64402ee31ccb1c6b2a10062c8c6931ce65f409ef65375437689

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.5 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:24 GMT
etag: "b00f-5efa4b476742f-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 7049
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/elementor/css/global.css?ver=1670865704

67.225.141.82

200 OK

2.8 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/elementor/css/global.css?ver=1670865704
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (14692)
Size
2.8 kB (2803 bytes)
Hash
f00834837ba00de274519d6596a78820
7b7ed9c38d9245e494c03168f307f817382c98f9
8e8956beb5b6d582aaabd55c49899aa5dfd0b1d1cf62a8ee239b0755b9325a77

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1670865704 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:21:44 GMT
etag: "9ab3-5efa4bccc3f2a-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2803
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-427613575

142.250.74.168

200 OK

53 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-427613575
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
53 kB (52881 bytes)
Hash
4d7a661446392e397c8d14fc15b67054
0751758fec50d5cf7125e4bb269501bf04e27ec7
1bd65a016e1feeb481d90b220d279dfad77a2c9373411fa0655899dce932dd29

HTTP Headers

GET /gtag/js?id=AW-427613575 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:41:58 GMT
expires: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

performanceequinevs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

67.225.141.82

200 OK

12 kB

URL HTTP/2
performanceequinevs.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (47826)
Size
12 kB (12518 bytes)
Hash
8fa87dd23394a22621248ec378d2af59
9305bc637a89b1700d7f56a19a80bd32b0feb2f7
c162f7de24fa2d4e93e0da254ef287ff72f4a3e03f42443265097968351388dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:40:30 GMT
etag: "172a9-5efa4ffdf2879-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 12518
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-162256409-34

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-162256409-34
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43574 bytes)
Hash
0e6006b3e55c53594fc359f00e174c36
c6977ff2ba204fc74202c29828368c444b8431f8
72cc3f3366d0a88e56a80256fbb4d40c1b45beb89c28a5f203b85d2b5b079c7d

HTTP Headers

GET /gtag/js?id=UA-162256409-34 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:41:58 GMT
expires: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.9.0

67.225.141.82

200 OK

18 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.9.0
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (65497)
Size
18 kB (18303 bytes)
Hash
0c666a16413f188d193a142838bdbcab
44dc2286e7e0b6eb4c22be01dd846ae4b1825a61
c07b9f004fe1288f4cf91bf5c782d242c1b0b377c6f8e1f1a8136f477b717f2f

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.9.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:22 GMT
etag: "21a96-5efa4b44a827c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 18303
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-RV9QL9HDWF

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-RV9QL9HDWF
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (22462)
Size
77 kB (76895 bytes)
Hash
1ed60ddb3feb0584b66a0b2dcd64bc89
32adb3feef5daa69dc7d39dc2bbd2ae818298446
17d408acbe7bce1c43276cb071f102570a87965a2027907285c0608f4db0d574

HTTP Headers

GET /gtag/js?id=G-RV9QL9HDWF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:41:58 GMT
expires: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76895
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/css/owl.carousel.css

67.225.141.82

200 OK

1.9 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/css/owl.carousel.css
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (304)
Size
1.9 kB (1925 bytes)
Hash
440501c0aaa53349275941206ba6bda8
ad3fa456dd2f5f02c6749d73cf4be12c5b21c70e
80ca7171dbaf7758f73318be893d888a08dfaa744041f78ecc43a9ba67f4d6ea

HTTP Headers

GET /wp-content/themes/mts_schema/css/owl.carousel.css HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "1b7b-5a3f5ef7fd300-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 1925
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/css/animate.min.css?ver=6.1.1

67.225.141.82

200 OK

2.6 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/css/animate.min.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (16755)
Size
2.6 kB (2621 bytes)
Hash
f33cff0ba0b03380f6b6c50146faf5ee
77c05a2304724273f1145f3dfc660f59fa5d17eb
427029b71729b61a7369a51140e9141a75403e2f5d1cb12f3ccde0384bc41418

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_schema/css/animate.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "4238-5a3f5ef7fd300-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2621
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1

67.225.141.82

200 OK

18 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
assembler source, ASCII text
Size
18 kB (18223 bytes)
Hash
bf77372ab40280cbb999004e2ec2e6fc
7b5e1a43164fa77c6ba401ddb2dddd47a97d70e3
d187c9a3c431908430f7a689ba1f98546f0d598dd9909c8b1e4a2653e12eae7b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/haven-schema-child/style.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Fri, 28 Oct 2022 17:31:51 GMT
etag: "1c17f-5ec1ba2134fc0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 18223
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/css/responsive.css?ver=6.1.1

67.225.141.82

200 OK

2.5 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/css/responsive.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text
Size
2.5 kB (2536 bytes)
Hash
94002b59df94cd8986029531c38c869f
8c5c6a7b88dd6fbaf23fd8ca38c147d23676f1d8
2a10f9af15aafba89090474d723b0e66cebba6cf0578732838bf937000db1cdf

HTTP Headers

GET /wp-content/themes/mts_schema/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Fri, 01 May 2020 09:29:52 GMT
etag: "3034-5a492d2c72400-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 2536
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1

67.225.141.82

200 OK

7.1 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7053 bytes)
Hash
52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6

HTTP Headers

GET /wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "7918-5a3f5ef7fd300-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 7053
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.0

67.225.141.82

200 OK

37 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.0
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (65493)
Size
37 kB (37417 bytes)
Hash
060b1427f1a385b3b22b164e1808f416
e9f4da0716038abe15be7a65093e9e77d54f0618
0a450b8f2bb6ea677e4d6a7b736720a74e5f561b4fc5ad8975b1fff96445c11b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:23 GMT
etag: "630db-5efa4b461bba3-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 37417
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/google_small_icon.png

67.225.141.82

200 OK

1.1 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/google_small_icon.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1073 bytes)
Hash
2606f22605b274be38c1e976e0dfd729
bf8816a7c8944c0225a8c200a272b4dca70959b5
81ff91e4c4794046c6b1c35738923e07413ed7c0a116dc5fbc95b4db9d7b2b4f

HTTP Headers

GET /wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/google_small_icon.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "431-5efa4b4b201de"
accept-ranges: bytes
content-length: 1073
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg

67.225.141.82

200 OK

1.6 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Size
1.6 kB (1581 bytes)
Hash
d05abf390d4b570b525b3c800fdad3ee
218a5227ebdc0a75488782f54c85c0b21dfa74c9
cbfbe8067fa989262a4cc96558f10686f87c40da2d1cd6f96b01770ac3d7d424

HTTP Headers

GET /wp-content/plugins/wp-accessibility-helper/assets/images/accessibility-48.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Fri, 14 Oct 2022 17:36:06 GMT
etag: "62d-5eb020f899151"
accept-ranges: bytes
content-length: 1581
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2020/08/PEVS-Color-logo1.png

67.225.141.82

200 OK

18 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2020/08/PEVS-Color-logo1.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18204 bytes)
Hash
284435d23fa807787ca59ca75c182c34
c2a3cc7cba074b933f6362cbe280572045a2a577
8e942da79801b6ffe2122a9fea5b3f7c694781ea301f08b35ff1dc476bb14e2b

HTTP Headers

GET /wp-content/uploads/2020/08/PEVS-Color-logo1.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:41 GMT
etag: "471c-5b3c3f4439595"
accept-ranges: bytes
content-length: 18204
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/easy-columns/css/easy-columns.css

67.225.141.82

200 OK

893 B

URL HTTP/2
performanceequinevs.com/wp-content/plugins/easy-columns/css/easy-columns.css
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with CRLF line terminators
Size
893 B (893 bytes)
Hash
16350009543f8747d7ae2b74a0c8cd16
1233bc5f5a3e7c725f4d970912d151f41d8c0f4b
6e06042f8ddc316b8d52d4e2c2cb8509f93f8c4f58fd5663e5e506269841cb3c

HTTP Headers

GET /wp-content/plugins/easy-columns/css/easy-columns.css HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Thu, 01 Sep 2022 18:03:04 GMT
etag: "b20-5e7a16cc3f4d2-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 893
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1f984d58053be39408d40ea947d38943
871048440e5ee63f08e83909802a4cae099d24d2
cf34f29cecf5262d96efec6d5302d083733a55809df7a1c60ebbacce89ada95f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

widgets.leadconnectorhq.com/loader.js?ver=6.1.1

35.244.153.18

200 OK

3.2 kB

URL HTTP/2
widgets.leadconnectorhq.com/loader.js?ver=6.1.1
IP
35.244.153.18:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
3.2 kB (3157 bytes)
Hash
578ef8ec3c524817ae83ff5a2d697208
f05cb92fc54268c1edd2c7bfddbc5055f319f3df
ba0d54db956dbaa8ae45d8b0cd8a8445a4d0c7862847860d4c1b55b3d2807c2b

HTTP Headers

GET /loader.js?ver=6.1.1 HTTP/1.1
Host: widgets.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvN1n9-4UJzA_4h331IMfWEfwsEv1UJfmS3Vw-lOdFQkdLEJuWus6ThVIQrRN380v4HpC5FhbnDti4OeaFnaXatThShPA_I
x-goog-generation: 1668134903825170
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3157
x-goog-hash: crc32c=7zWrXQ==, md5=V4747DxSSBeug/9aLWlyCA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3157
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Range, Content-Range, X-From-Cache
server: UploadServer
date: Tue, 13 Dec 2022 18:41:59 GMT
expires: Tue, 13 Dec 2022 19:41:59 GMT
cache-control: public, max-age=3600
last-modified: Fri, 11 Nov 2022 02:48:23 GMT
etag: "578ef8ec3c524817ae83ff5a2d697208"
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

performanceequinevs.com/wp-content/themes/mts_schema/theme-specific/doctors/doctor-dup.css?ver=6.1.1

67.225.141.82

200 OK

813 B

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/theme-specific/doctors/doctor-dup.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with CRLF line terminators
Size
813 B (813 bytes)
Hash
46dfa13a10f394b404a2c84c458d59f4
72cc68b9902164314f0329d980692fdbf5e6f027
222962b3b74fe402924dad4175bc49f2ef3612b9357139bf39cb105d42d709bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_schema/theme-specific/doctors/doctor-dup.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Sat, 13 Jun 2020 06:31:18 GMT
etag: "a36-5a7f157599980-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 813
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/css/slick.css?ver=6.1.1

67.225.141.82

200 OK

1.4 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/css/slick.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.4 kB (1392 bytes)
Hash
290d2effc568c4127d37ce004de08124
0fb3c67ec3330f9d46c5e50135f689327d1070a0
935ac3a13726f7b0c2079f638d787d0c36f88957307a0b2c18347be12e8f3734

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_schema/css/slick.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Tue, 06 Oct 2020 18:15:12 GMT
etag: "1833-5b10494716c00-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 1392
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

67.225.141.82

200 OK

5.0 kB

URL HTTP/2
performanceequinevs.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5009 bytes)
Hash
e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:40:30 GMT
etag: "48b9-5efa4ffe2f903-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 5009
content-type: application/x-javascript
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/haven-schema-child/assets/animate.min.css?ver=6.1.1

67.225.141.82

200 OK

3.1 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/haven-schema-child/assets/animate.min.css?ver=6.1.1
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with CRLF, CR line terminators
Size
3.1 kB (3067 bytes)
Hash
7149bab629da20e2a5c2d3d3ad3a4b03
4066e4a5aaff9066c3dca6003f206aa64cf6acbe
c4e1e9e446ae553ce832da9c0ba70e92b38aa8e86e8e45d2851f8c6aead65d61

HTTP Headers

GET /wp-content/themes/haven-schema-child/assets/animate.min.css?ver=6.1.1 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Tue, 10 Nov 2020 17:23:14 GMT
etag: "78fd-5b3c3ef116b2b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 3067
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0

67.225.141.82

200 OK

19 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (8705), with CRLF line terminators
Size
19 kB (19044 bytes)
Hash
5173bebac8ab5d80ec53cc2d7ca31e28
129e35ca669107583bd54b1570b0a4b45d77cb6a
3687cb446dbc5255d9ffeac14dfa370ebbf44f2b5d1d4b2fd7ef10bf8e191fd7

HTTP Headers

GET /wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "15ad9-5efa4b4b2194e-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 19044
content-type: text/css
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/facebook_small_icon.png

67.225.141.82

200 OK

223 B

URL HTTP/2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/facebook_small_icon.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 32 x 32, 4-bit colormap, non-interlaced\012- data
Size
223 B (223 bytes)
Hash
cd01d0a0b858636c4ffbdc677340d8ff
bfea29a3622ae145357e4282abaa9a91b31ef5d8
dfc2cd76b621e4cf83c194b1359dd2b2d5f3a915daa2017b58cb9373a6e9ccb5

HTTP Headers

GET /wp-content/plugins/wp-review-slider-pro-premium/public/partials/imgs/facebook_small_icon.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "df-5efa4b4b1fa0e"
accept-ranges: bytes
content-length: 223
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2022/05/esp2.png

67.225.141.82

200 OK

37 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2022/05/esp2.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 300 x 219, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (36956 bytes)
Hash
1505320da16c16d9d2f6d9b3032ba225
117922218994033697a2a44eb2c8dff7becb52cf
487bc4b6ec3d0a3d46caa6d39116557d998ebfc9c73e73e7a0b873823b4bb59e

HTTP Headers

GET /wp-content/uploads/2022/05/esp2.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 18 May 2022 04:05:48 GMT
etag: "905c-5df415f4aabb5"
accept-ranges: bytes
content-length: 36956
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:58 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:58 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/R5q4jGg09cM

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/R5q4jGg09cM
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f45102c1228f204a4a378e07d0565b7
cfba63c53cf016c479ef16251bc02770401a18db
8348e95d18cafe7874e931be60bc0754251ba9cfcad8994ec2b280cbddbe7520

HTTP Headers

POST /s/gts1d4/R5q4jGg09cM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.carecredit.com/sites/pc/image/carecredit_button_applypay_prequal_350x213_green_v1.jpg

104.110.7.17

200 OK

16 kB

URL HTTP/2
www.carecredit.com/sites/pc/image/carecredit_button_applypay_prequal_350x213_green_v1.jpg
IP
104.110.7.17:0
ASN
#16625 AKAMAI-AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
16 kB (15566 bytes)
Hash
c5eb202556d77351048bbd5b9e78f30a
7121991330aa644d66cc3706fe28547a4450ed61
dc7c23ceed219b0ae75546d2c01f691d3454c170b32338b5cab4ec956b74bc09

HTTP Headers

GET /sites/pc/image/carecredit_button_applypay_prequal_350x213_green_v1.jpg HTTP/1.1
Host: www.carecredit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sun, 04 Dec 2022 04:01:33 GMT
server: Akamai Image Manager
x-serial: 288
x-edgeconnect-midmile-rtt: 49
x-edgeconnect-origin-mex-latency: 150
x-check-cacheable: YES
content-length: 15566
content-type: image/webp
cache-control: private, no-transform, max-age=318666
expires: Sat, 17 Dec 2022 11:13:05 GMT
date: Tue, 13 Dec 2022 18:41:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
true_client_ip: 91.90.42.154
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/style.css

67.225.141.82

200 OK

14 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/style.css
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
Unicode text, UTF-8 text, with very long lines (2006)
Size
14 kB (14068 bytes)
Hash
2cdf457471db3afcdc6a163bddb24679
36c89679af3d06afe7b0770f5629191c0f488b15
bcdeb074464657abe2ee6b3d26c73840998284f15a4878f07f75b879e696c0f5

HTTP Headers

GET /wp-content/themes/mts_schema/style.css HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
last-modified: Tue, 06 Oct 2020 18:22:40 GMT
etag: "10e8f-5b104af255c00-gzip"
accept-ranges: bytes
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-length: 14068
content-type: text/css
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12233
Expires: Tue, 13 Dec 2022 22:05:52 GMT
Date: Tue, 13 Dec 2022 18:41:59 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12233
Expires: Tue, 13 Dec 2022 22:05:52 GMT
Date: Tue, 13 Dec 2022 18:41:59 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
26c6025b12d33a0674edeef8c1491ff6
084f3e27246d3f10c36f8251034a32f71e4905be
a3b48719537321a85667771544ce54728ebdb8d3145a8db154997b6376dba12f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B48719537321A85667771544CE54728EBDB8D3145A8DB154997B6376DBA12F"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12233
Expires: Tue, 13 Dec 2022 22:05:52 GMT
Date: Tue, 13 Dec 2022 18:41:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5619 bytes)
Hash
9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGXTgoiaug7mLXDpXTDH6KeUbCEV8ZR9tuJRmG2LU_Mqr_hdLnzpBA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:59:55 GMT
age: 74524
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6711 bytes)
Hash
690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 03:58:00 GMT
age: 53039
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/images/nobg.png

67.225.141.82

200 OK

68 B

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/images/nobg.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
73031b554fd75a3df2b54c9fc5d2d654
447a248347bf2e003df3dd1750403068575ee019
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

HTTP Headers

GET /wp-content/themes/mts_schema/images/nobg.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 14:19:26 GMT
etag: "44-5a3f5ef9e5780"
accept-ranges: bytes
content-length: 68
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5871 bytes)
Hash
82729f01d4f9937407d14605a2b611f4
63ef739dbbcd1238da788c05909df21826d9f37b
4420ac61a207ef4d7899632123af2dd2c7421e6d16a494aea33383d37d603038

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a14c22-5022-4263-af44-d51914a825ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5871
x-amzn-requestid: 0c5fa60d-81f3-4796-966d-cf91b6a28939
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWefGstIAMF-zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979df6-7234498f4094f61107741d1c;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f6d2A_b3AN_-g7QFNmtlMhjEitZ4fw9GX5w-xx1PxH-z_FdqjvabTQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:57:41 GMT
age: 74658
etag: "63ef739dbbcd1238da788c05909df21826d9f37b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7104 bytes)
Hash
86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eCJ1Y9f8WMsfMlaqxVR4kTx0Eacgeqn2TN-df-DPt9nQI9AIrqHkEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:16:33 GMT
age: 73526
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9676 bytes)
Hash
e6788236cae1083aaf5a1cf95f1a6c9b
3825506ecfd360bf5352979023f445748373be3b
544d94a4896d3db29f3b6e518503f82776a3feaa55a5e9114b5572da1e667691

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba22bdf-55a7-4e1e-9034-79415392197a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9676
x-amzn-requestid: 6d84c903-9bdb-4255-8324-d87d99cd1979
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWgGHZZoAMFtwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979e00-7964e1ca60e88ca45822b963;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r4L6lushe7nGkttIzAH9dCCjcQ6oVWYMUpMyAubdHl-Rjbh4byzlaA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:53:49 GMT
age: 74890
etag: "3825506ecfd360bf5352979023f445748373be3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12144 bytes)
Hash
703d359edb819eaefc6ccae224bbde15
4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8
0452d24052bef979fd13f1a0fefb4c7803ff91c5afa3c871f85b73eb08f15489

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12144
x-amzn-requestid: 0d00ec22-808c-4f60-98b1-87eef4aad829
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6n0yFORIAMFskA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394201e-58f1a5c87fc341bf56fa9d68;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:58:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sW4dQXExyH6JvbdtSgIPJUiifHh-VfbfcG5hKMaJ4tZA3pO-fobF6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Dec 2022 04:15:05 GMT
age: 52014
etag: "4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b9649509b14db5a889641078ccb05066
92c2224c6a970bf397d23a2fd37de759f74dd46c
6e7d750905e29196f6246744bb30b0ab0c5baa4a3909db5fabad7809b58aa825

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:30:11 GMT
expires: Sat, 09 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 389508
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

performanceequinevs.com/wp-content/uploads/2020/11/chevron.png

67.225.141.82

200 OK

192 B

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2020/11/chevron.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 32 x 22, 8-bit colormap, non-interlaced\012- data
Size
192 B (192 bytes)
Hash
8435e84e91a7cc2348745141403e1738
252fb945a8d15b6bfb6f798ff2336d91fd5928a7
1fb32d07bc61e2fb69e17c215bbded3e57f78c491f15abdb8528cd4e1be7e84b

HTTP Headers

GET /wp-content/uploads/2020/11/chevron.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 18:18:43 GMT
etag: "c0-5b3c4b582c637"
accept-ranges: bytes
content-length: 192
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2020/11/plus-pat.png

67.225.141.82

200 OK

372 B

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2020/11/plus-pat.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 52 x 52, 8-bit gray+alpha, non-interlaced\012- data
Size
372 B (372 bytes)
Hash
1dfe7f54329b5d7ae1921efa7f75225a
23232b07138c7c1a1428cf35f8c4c840a5931568
6f0487f95b79b771c35de9584066f71c726e833c6f4f6db3e2df6cf38d913c62

HTTP Headers

GET /wp-content/uploads/2020/11/plus-pat.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 18:18:44 GMT
etag: "174-5b3c4b594fa40"
accept-ranges: bytes
content-length: 372
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6967930.6323851!2d-85.1062684765957!3d31.48816517793861!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88e88165122ef607%3A0xc4667461729a7b5c!2sPerformance%20Equine%20Veterinary%20Services!5e0!3m2!1sen!2sus!4v1623244730177!5m2!1sen!2sus

216.58.207.228

200 OK

1.6 kB

URL HTTP/2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d6967930.6323851!2d-85.1062684765957!3d31.48816517793861!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88e88165122ef607%3A0xc4667461729a7b5c!2sPerformance%20Equine%20Veterinary%20Services!5e0!3m2!1sen!2sus!4v1623244730177!5m2!1sen!2sus
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3262)
Size
1.6 kB (1594 bytes)
Hash
a7df314ad228de14fa16da725d18825c
d9932a19b411f6509eb18b03a6dc1850b9060778
bc95b03d255085d30c23f4993c14197752c8fa877e26045ca572d98ff2a07d04

HTTP Headers

GET /maps/embed?pb=!1m18!1m12!1m3!1d6967930.6323851!2d-85.1062684765957!3d31.48816517793861!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88e88165122ef607%3A0xc4667461729a7b5c!2sPerformance%20Equine%20Veterinary%20Services!5e0!3m2!1sen!2sus!4v1623244730177!5m2!1sen!2sus HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 18:41:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-KbZXLHlCV_sieABPGaaBJQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1594
x-xss-protection: 0
server-timing: gfet4t7; dur=143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2022/02/equine-veterinarian-ocala-fl.jpeg

67.225.141.82

200 OK

133 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2022/02/equine-veterinarian-ocala-fl.jpeg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 900x600, components 3\012- data
Size
133 kB (132988 bytes)
Hash
498f0be87e620d14c56f0ecd446c9b03
6b93ece18fedb18f9e6ab130bbd2374cb9f18508
6d22d167601d082a90aff04a3d0dff9b30ff3709741d2f9575380d30d7e81ce0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/02/equine-veterinarian-ocala-fl.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Feb 2022 16:16:28 GMT
etag: "2077c-5d79827eb9bf8"
accept-ranges: bytes
content-length: 132988
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2022/02/equine-hospital-ocala-fl.jpeg

67.225.141.82

200 OK

172 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2022/02/equine-hospital-ocala-fl.jpeg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1000x667, components 3\012- data
Size
172 kB (171903 bytes)
Hash
a3f279263d5073cb3c020fefd5bb212e
fa876a2c9451f7c502000a2ad056336a99abf24a
28b6b4cae08d1f083680051c62fbdb9ba8c5716801c336ffd4182742ce9aed96

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/02/equine-hospital-ocala-fl.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Feb 2022 16:16:46 GMT
etag: "29f7f-5d798290629f4"
accept-ranges: bytes
content-length: 171903
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8bc1b4db769ee14aba872f3f93af10b1
f24c742805ff56d77d50924d60dabd2b6750c46e
35e6181045327df4b97bddff70ea1f9510e03d6896213b5f8473d8da771b15f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

performanceequinevs.com/wp-content/uploads/2020/12/3QSllJVIQhmxeCQXpZ8Hjsexr6x0tY7-VA-scaled-e1607544549301.jpeg

67.225.141.82

200 OK

390 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2020/12/3QSllJVIQhmxeCQXpZ8Hjsexr6x0tY7-VA-scaled-e1607544549301.jpeg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1120x1508, components 3\012- data
Size
390 kB (390157 bytes)
Hash
f5507c826d78c879c28324d29866966d
7d25355cd6ba11cabe187cf30ee54d63ffd1fd71
02e96ba5c82fe5a4bcff166c911af4f49afb55218702d37b067208142b476aa5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2020/12/3QSllJVIQhmxeCQXpZ8Hjsexr6x0tY7-VA-scaled-e1607544549301.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 20:09:09 GMT
etag: "5f40d-5b60da1d67573"
accept-ranges: bytes
content-length: 390157
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2020/12/xAKYJZz7isBEdWZSGDglZ4TQivJIoc1QeA.jpg

67.225.141.82

200 OK

11 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2020/12/xAKYJZz7isBEdWZSGDglZ4TQivJIoc1QeA.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x200, components 3\012- data
Size
11 kB (10978 bytes)
Hash
9557af7a875328eb2bd20996e2e9d6fe
2761360db2178548e7f150b8fe7f5a4f8f26b803
81013d6641319b4e3f7e8a1d619374ba1348dd8669fc3460fbfe301e8a0bb7d5

HTTP Headers

GET /wp-content/uploads/2020/12/xAKYJZz7isBEdWZSGDglZ4TQivJIoc1QeA.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 20:06:39 GMT
etag: "2ae2-5b60d98e27369"
accept-ranges: bytes
content-length: 10978
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/fonts/slick.woff

67.225.141.82

200 OK

1.4 kB

URL HTTP/2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/fonts/slick.woff
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
Web Open Font Format, CFF, length 1380, version 1.0\012- data
Size
1.4 kB (1380 bytes)
Hash
b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-review-slider-pro-premium/public/css/fonts/slick.woff HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "564-5efa4b4b21d36"
accept-ranges: bytes
content-length: 1380
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/font-woff
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2022/02/top-header-bg.jpg

67.225.141.82

200 OK

57 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2022/02/top-header-bg.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
gzip compressed data, max compression\012- data
Size
57 kB (56717 bytes)
Hash
23244f6101348927192953d45abfded4
838517641474e9244a1b778af25f491994b946af
d9ba990e5c0d75eda6e4239802fa596b18c6365dfb445b024a62a51d158d0df1

HTTP Headers

GET /wp-content/uploads/2022/02/top-header-bg.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/wp-content/themes/haven-schema-child/style.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 03 Feb 2022 06:21:40 GMT
etag: "2f581-5d71725b2c5d3"
accept-ranges: bytes
content-length: 193921
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6668df18d0e067cb9d2cdb88facba6a9
8dca458501ed32e2b530d729817e0a12910145ec
8fa090fc36252b04f278f812a6b4f286dc672bbfb6db1402ac814f4f9723f5fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js

142.250.74.3

200 OK

69 kB

URL HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2669)
Size
69 kB (69327 bytes)
Hash
670da89542ecf04a8bbff2049748654f
2fcd2c31427edfd9b3180e233a009677b0d88973
d1bdcacb4973ce7c60a0f59144bf6fb699eea4fc016ca1780cdf61dbd9efb3bc

HTTP Headers

GET /maps-api-v3/embed/js/51/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69327
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:12:31 GMT
expires: Thu, 07 Dec 2023 20:12:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
content-type: text/javascript
age: 512968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6668df18d0e067cb9d2cdb88facba6a9
8dca458501ed32e2b530d729817e0a12910145ec
8fa090fc36252b04f278f812a6b4f286dc672bbfb6db1402ac814f4f9723f5fd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

performanceequinevs.com/wp-content/uploads/2019/02/Amanda-Cook.jpg

67.225.141.82

200 OK

58 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2019/02/Amanda-Cook.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x400, components 3\012- data
Size
58 kB (58018 bytes)
Hash
1ad648df24e8ed75ad4da1054fb22ce9
20c346bbe5f48309594d307ce2222cda0e68d374
1b4c11a6f07923cd0163d3ef23dfb6dbb083dd7c10adbfef29e443683db5667c

HTTP Headers

GET /wp-content/uploads/2019/02/Amanda-Cook.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:03 GMT
etag: "e2a2-5b3c3f1f94fa2"
accept-ranges: bytes
content-length: 58018
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0

67.225.141.82

200 OK

77 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/mts_schema/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://performanceequinevs.com/wp-content/themes/mts_schema/css/font-awesome.min.css?ver=6.1.1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Apr 2020 14:19:24 GMT
etag: "12d68-5a3f5ef7fd300"
accept-ranges: bytes
content-length: 77160
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: application/font-woff2
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2019/03/60-VET.jpg

67.225.141.82

200 OK

91 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2019/03/60-VET.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x582, components 3\012- data
Size
91 kB (91020 bytes)
Hash
9cc6d8a464e583fc1c6cddc907ae3e06
945f4c92e828d12468d2e69b6298ee88353acb92
91626ecff01caf2531a598ae05ee6b30c070ba9c1900a70494ba61d430e88c0d

HTTP Headers

GET /wp-content/uploads/2019/03/60-VET.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:19 GMT
etag: "1638c-5b3c3f2f1e2b3"
accept-ranges: bytes
content-length: 91020
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2020/03/Rullan-Gallery-Photo-3.jpg

67.225.141.82

200 OK

105 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2020/03/Rullan-Gallery-Photo-3.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, progressive, precision 8, 618x960, components 3\012- data
Size
105 kB (105377 bytes)
Hash
11aed9098c4ff0ff1608c456131ea7f5
218973757440663f7afdbfdb8a3960e71c3b051b
df1cad869af9750cb63cbe99a692939859a1161b5ad98b9b8ac926a9cfc0305e

HTTP Headers

GET /wp-content/uploads/2020/03/Rullan-Gallery-Photo-3.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:22 GMT
etag: "19ba1-5b3c3f31b1935"
accept-ranges: bytes
content-length: 105377
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2019/02/resize-IMG_2950.jpg

67.225.141.82

200 OK

242 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2019/02/resize-IMG_2950.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, manufacturer=Canon, model=Canon EOS REBEL T3, resolutionunit=2, datetime=2016:09:07 14:05:30], baseline, precision 8, 1920x1280, components 3\012- data
Size
242 kB (241468 bytes)
Hash
2e7e6e1abce57ad4ebb5418db9e5ee51
493b3fde9c82b0bdbc66ae16a0bdda71f282eb23
b24461a392d96eeb875ad4bb8e4f590873c34a5e10a23bffd87a21e7b8d4670e

HTTP Headers

GET /wp-content/uploads/2019/02/resize-IMG_2950.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:05 GMT
etag: "3af3c-5b3c3f215014b"
accept-ranges: bytes
content-length: 241468
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2019/02/fieldsurgery-scaled.jpg

67.225.141.82

200 OK

433 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2019/02/fieldsurgery-scaled.jpg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2560x1707, components 3\012- data
Size
433 kB (432986 bytes)
Hash
a3650eee13ed80ec1778ed901c2a5bb4
0b2ca429e3601ab9e894891034c26aab39cbcd99
164851de8929e0b8dad38f4e0bc39722f24063b6f7ba4eec669d1bd88625d19c

HTTP Headers

GET /wp-content/uploads/2019/02/fieldsurgery-scaled.jpg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Tue, 10 Nov 2020 17:24:08 GMT
etag: "69b5a-5b3c3f247b185"
accept-ranges: bytes
content-length: 432986
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/uploads/2020/12/uARYdqZIRmKeSjoWnsacHvhZap6dsUWBPg-scaled-e1607544729780.jpeg

67.225.141.82

200 OK

508 kB

URL HTTP/2
performanceequinevs.com/wp-content/uploads/2020/12/uARYdqZIRmKeSjoWnsacHvhZap6dsUWBPg-scaled-e1607544729780.jpeg
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 1971x1133, components 3\012- data
Size
508 kB (508520 bytes)
Hash
a48aa0d6fafc075fdb7709bd1b169bf3
5c6291ae61600e006a0678e264298c617fdf3c48
75fa951d61fccf711d9fcc8d2eda670cfbc344d409dd16bd0c4a393d8fbe2e8b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2020/12/uARYdqZIRmKeSjoWnsacHvhZap6dsUWBPg-scaled-e1607544729780.jpeg HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 20:12:09 GMT
etag: "7c268-5b60dac977018"
accept-ranges: bytes
content-length: 508520
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/jpeg
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f3a70d8ddbade77f5a23db8af884c0d6
04ea47aef9f45cfaac947c94a3f56ad9a1a9e610
7ced73077954fcf401b9bddc683d5c3ee38212cca3d30c56a1c2519f986d13b6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-RV9QL9HDWF&gtm=2oebu0&_p=951571627&cid=1774996477.1670956918&ul=en-us&sr=1280x1024&_s=1&sid=1670956917&sct=1&seg=0&dl=https%3A%2F%2Fperformanceequinevs.com%2F&dt=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-RV9QL9HDWF&gtm=2oebu0&_p=951571627&cid=1774996477.1670956918&ul=en-us&sr=1280x1024&_s=1&sid=1670956917&sct=1&seg=0&dl=https%3A%2F%2Fperformanceequinevs.com%2F&dt=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-RV9QL9HDWF&gtm=2oebu0&_p=951571627&cid=1774996477.1670956918&ul=en-us&sr=1280x1024&_s=1&sid=1670956917&sct=1&seg=0&dl=https%3A%2F%2Fperformanceequinevs.com%2F&dt=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://performanceequinevs.com
date: Tue, 13 Dec 2022 18:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/imgs/slider_arrow.png

67.225.141.82

200 OK

196 B

URL HTTP/2
performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/imgs/slider_arrow.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 9 x 16, 8-bit gray+alpha, non-interlaced\012- data
Size
196 B (196 bytes)
Hash
2ef00a0cc7dce1f775b3418af1655781
a6d020af873f813c1fddb8bee1e8858e0d1a94be
16be0ced465b05ef7b5b40cdb3cc3e09a1fa52c540a22d327ad9e82ad806dd32

HTTP Headers

GET /wp-content/plugins/wp-review-slider-pro-premium/public/css/imgs/slider_arrow.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/wp-content/plugins/wp-review-slider-pro-premium/public/css/wprevpro_w3.css?ver=11.5.0
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Mon, 12 Dec 2022 17:19:28 GMT
etag: "c4-5efa4b4b2194e"
accept-ranges: bytes
content-length: 196
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:41:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:41:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

142.250.74.35

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (649)
Size
163 kB (163396 bytes)
Hash
aa75370bb1ce2d5b05b0d02f6feecba4
f110915b53288da7b267c51210cfc239dc0b5591
cfb8dadaba93a5e0a08739ce589b55cc61fb93d0c616da564394ce925bef6197

HTTP Headers

GET /recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 16:04:41 GMT
expires: Wed, 13 Dec 2023 16:04:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
content-type: text/javascript
age: 9439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 13 Dec 2022 17:34:02 GMT
expires: Tue, 13 Dec 2022 19:34:02 GMT
cache-control: public, max-age=7200
age: 4078
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
69a7451c35876a8257f0525d6e9ed93d
506c7fcac44cb8190813b6e1171e42884d26cb5a
3f68d76c4edfb94578f3c10dcef00b865001f6c5f19a71cf7b744557f905cf3a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4

172.217.21.162

200 OK

924 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2043), with no line terminators
Size
924 B (924 bytes)
Hash
5db8d3d48887200c9db1e906eece9db3
f64371544fdb1415a106fb78d9baea54d4814e20
27e4b672da8b990526c5dc772527db91b5a1d12dd9e2121a2fbd9d554e12dfe6

HTTP Headers

GET /pagead/viewthroughconversion/427613575/?random=1670956917642&cv=11&fst=1670956917642&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&auid=777209353.1670956918&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 18:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 924
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Dec-2022 18:57:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png

67.225.141.82

200 OK

12 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12485 bytes)
Hash
d03258c9b842257bdd7d3331ba489bb8
ab1a27211a737e7ae1ec7669e47b68dfbcf17901
6e5ff69148e2ce3877182bf1ec70d1e01abc680cb0c1dd9b28e5b1ef4239d5d2

HTTP Headers

GET /wp-content/themes/mts_schema/images/apple-touch-icon-144-precomposed.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.777209353.1670956918; _ga_RV9QL9HDWF=GS1.1.1670956917.1.0.1670956917.0.0.0; _ga=GA1.1.1774996477.1670956918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 14:19:26 GMT
etag: "30c5-5a3f5ef9e5780"
accept-ranges: bytes
content-length: 12485
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:42:00 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:42:00 GMT
server: Apache
X-Firefox-Spdy: h2

performanceequinevs.com/wp-content/themes/mts_schema/images/favicon.png

67.225.141.82

200 OK

4.2 kB

URL HTTP/2
performanceequinevs.com/wp-content/themes/mts_schema/images/favicon.png
IP
67.225.141.82:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4166 bytes)
Hash
9cd9877ac8b6f799cca5d9ee2b784ecd
46696bec58e775cf809dab4969c8f1da036c384b
8a43af0fa70295eb53f1abd57fcdbe8a84b2b9345bfc07f544775aa09be4689f

HTTP Headers

GET /wp-content/themes/mts_schema/images/favicon.png HTTP/1.1
Host: performanceequinevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://performanceequinevs.com/
Connection: keep-alive
Cookie: _gcl_au=1.1.777209353.1670956918; _ga_RV9QL9HDWF=GS1.1.1670956917.1.0.1670956917.0.0.0; _ga=GA1.1.1774996477.1670956918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-content-type-options: nosniff
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
strict-transport-security: max-age=31536000
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 14:19:26 GMT
etag: "1046-5a3f5ef9e5780"
accept-ranges: bytes
content-length: 4166
cache-control: max-age=31536000, public, public
expires: Wed, 13 Dec 2023 18:42:00 GMT
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
pragma: public
content-type: image/png
date: Tue, 13 Dec 2022 18:42:00 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f4942735f0e39273509faff0eb7ae8f7
35252c3eaf3ae6d0b572d960dafd32dd4cb140fd
de447902446c6b4c6ceaae57844d7e9a9ce9ba78d162b9f1fffee64bfea4f3cf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
199925093192d6206fa6235535ad8471
3f6a6f790a64f9b85965c5a6be09805a0f38af90
206dd41c7d15caae4f59b111b41f6f9fa317981e800c5d946b83803ca7eb93ea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/427613575/?random=1670956917642&cv=11&fst=1670954400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=548269718&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/427613575/?random=1670956917642&cv=11&fst=1670954400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=548269718&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/427613575/?random=1670956917642&cv=11&fst=1670954400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fperformanceequinevs.com%2F&tiba=Equine%20Veterinarian%20in%20Ocala%20FL%2C%20Equine%20Hospital%20%7C%20Performance%20Equine%20Veterinary%20Services&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=548269718&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 18:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
199925093192d6206fa6235535ad8471
3f6a6f790a64f9b85965c5a6be09805a0f38af90
206dd41c7d15caae4f59b111b41f6f9fa317981e800c5d946b83803ca7eb93ea

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js

104.17.25.14

200 OK

9.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (26995)
Size
9.0 kB (8967 bytes)
Hash
858480d3acbd708b24c4fb2094a7a4cf
6a8263b9e78ec3706b9472a2351e20f39dd611ad
e9da7fcbd76e5f8bf8a72f403f7e105fa2ac61d6432a690b85afa9d076a44077

HTTP Headers

GET /ajax/libs/intl-tel-input/17.0.12/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://widgets.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Dec 2022 18:42:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8967
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "602836ba-7351"
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1195570
expires: Sun, 03 Dec 2023 18:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk0f7bN7uh6jD22K2DYDvCyoj5a%2F9EuhLDgDBbPGHdq9XicjdhEUmUGzHwfSiPhg3Wp%2FEjAd%2FRP6YUoUJE%2FZRXmym6Lx5iQEaEhhoJ7o155zaTA63wpRR7a42EneNMqldO3RFUj7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7790d6539a60b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css

104.17.25.14

200 OK

1.8 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19157), with no line terminators
Size
1.8 kB (1820 bytes)
Hash
4eade92e5f7544b01a36a5cdd3510af2
fe96da6c2d25fe612714759bdc3e293aaa74e49e
66c8a017eb9d1ff2d2227ffc9ae0af55d186969b062c87f2bb7a920df4f50bc3

HTTP Headers

GET /ajax/libs/intl-tel-input/17.0.12/css/intlTelInput.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Dec 2022 18:42:00 GMT
content-type: text/css; charset=utf-8
content-length: 1820
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "602836ba-4ad5"
last-modified: Sat, 13 Feb 2021 20:29:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1197560
expires: Sun, 03 Dec 2023 18:42:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAKUDU0%2BEIRUA5QY80lyDdgLuBcwtNr7CEyCGvQu1OtW2glVXHQazcbG8ZaT2gyHs2Dm5dEraHKPiw9mT0thB8t%2Bb1UAeQOjO5c8aHweeYSaI2sGW%2BzzCj7sHVC2wh%2Bnq%2FfZL7MR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7790d65398d3b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 515286
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/7_8ryOK2h0M

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/7_8ryOK2h0M
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58d8258ce2c51bce837113e9419d4225
291cb9451768fcd34ff70b73910c25180fbef46c
e278a656402a871461ed838a6d859bcae6e9e3a0f155491e070c78214dba2915

HTTP Headers

POST /s/gts1d4/7_8ryOK2h0M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/jiW5rvgdad0

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ab673ecc49bf329659496731e5746ac
441f0355948f6de4212807cf3f3798d0eef1a16d
57c1139e0a3269c4d7b9848c58c527d5fd517ee6db50d02cbc0cd13a13ed4459

HTTP Headers

POST /s/gts1d4/jiW5rvgdad0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/jiW5rvgdad0

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ab673ecc49bf329659496731e5746ac
441f0355948f6de4212807cf3f3798d0eef1a16d
57c1139e0a3269c4d7b9848c58c527d5fd517ee6db50d02cbc0cd13a13ed4459

HTTP Headers

POST /s/gts1d4/jiW5rvgdad0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

msgsndr.com/cors/js/user-session.js

216.239.34.21

200 OK

3.1 kB

URL HTTP/2
msgsndr.com/cors/js/user-session.js
IP
216.239.34.21:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (7603), with no line terminators
Size
3.1 kB (3130 bytes)
Hash
36edb809ca302f3bbf4ab4205e6a39c3
48256998fef3d86c151ff53140103c82042129e7
0658267c5d72ad075a9888f959c0d82214bda587527da1cafd866201b21646de

HTTP Headers

GET /cors/js/user-session.js HTTP/1.1
Host: msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://widgets.leadconnectorhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
content-encoding: gzip
x-cloud-trace-context: d4dc70002bbd26b8c71ad31960900838
server: Google Frontend
content-length: 3130
accept-ranges: bytes
date: Tue, 13 Dec 2022 18:42:01 GMT
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1db3-49773873e8"
content-type: application/javascript; charset=UTF-8
age: 0
X-Firefox-Spdy: h2

services.leadconnectorhq.com/funnels/funnel/geo-location/

34.120.211.235

204 No Content

0 B

URL HTTP/2
services.leadconnectorhq.com/funnels/funnel/geo-location/
IP
34.120.211.235:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /funnels/funnel/geo-location/ HTTP/1.1
Host: services.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://performanceequinevs.com/
Origin: https://performanceequinevs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
content-length: 0
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/jiW5rvgdad0

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/jiW5rvgdad0
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ab673ecc49bf329659496731e5746ac
441f0355948f6de4212807cf3f3798d0eef1a16d
57c1139e0a3269c4d7b9848c58c527d5fd517ee6db50d02cbc0cd13a13ed4459

HTTP Headers

POST /s/gts1d4/jiW5rvgdad0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d37dba0f1979b048c5be8f26973c9044
37dbbb5faed93e281130e927a096ab81cbac2665
331be714bbd4def6b494c04dc06c1d346e920044bdb7ae0536f35b0459ec4854

HTTP Headers

POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d37dba0f1979b048c5be8f26973c9044
37dbbb5faed93e281130e927a096ab81cbac2665
331be714bbd4def6b494c04dc06c1d346e920044bdb7ae0536f35b0459ec4854

HTTP Headers

POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

services.leadconnectorhq.com/funnels/funnel/geo-location/

34.120.211.235

200 OK

61 B

URL HTTP/2
services.leadconnectorhq.com/funnels/funnel/geo-location/
IP
34.120.211.235:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
c93e99cc315de521c32982eb1e6e3315
3bf7723215c224c5eddf1daacf2db7499bc2f2ed
a9ce718bc4ef0c988de522526bf1fd63346771c63cb565790c2de1a4d4dfdebf

HTTP Headers

GET /funnels/funnel/geo-location/ HTTP/1.1
Host: services.leadconnectorhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://performanceequinevs.com
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
content-length: 61
etag: W/"3d-O/dyMhXCJMXt3x2qzy23SZvC8u0"
vary: Accept-Encoding
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

services.msgsndr.com/attribution_service/user_session_v3/create_session

34.98.115.9

200 OK

0 B

URL HTTP/2
services.msgsndr.com/attribution_service/user_session_v3/create_session
IP
34.98.115.9:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /attribution_service/user_session_v3/create_session HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://performanceequinevs.com/
Origin: https://performanceequinevs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
content-length: 0
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/lzgSNRmeaHU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d37dba0f1979b048c5be8f26973c9044
37dbbb5faed93e281130e927a096ab81cbac2665
331be714bbd4def6b494c04dc06c1d346e920044bdb7ae0536f35b0459ec4854

HTTP Headers

POST /s/gts1d4/lzgSNRmeaHU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

services.msgsndr.com/attribution_service/user_session_v3/create_session

34.98.115.9

200 OK

105 B

URL HTTP/2
services.msgsndr.com/attribution_service/user_session_v3/create_session
IP
34.98.115.9:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
105 B (105 bytes)
Hash
ef0bd07842333262d31588b570641a9c
85feb84849b2783cb667faecd1e3220bf99ec689
bdfda4c427213868db5ef0d23d6fa7b059f335c540120d5f87fb438739260e5b

HTTP Headers

POST /attribution_service/user_session_v3/create_session HTTP/1.1
Host: services.msgsndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://performanceequinevs.com
Content-Length: 560
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
content-length: 105
etag: W/"69-hf64SEmyeDy2Z/rs0eMiC/mexok"
date: Tue, 13 Dec 2022 18:42:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12503 bytes)
Hash
554fa9188556c1f0dac094819827a9e9
71c7162977f3ff9baf295d684ad45ab394ba33f2
910391e3686ed9314b09693500ccd41995efcdef8d2f4df7eb4c327f2eac2eff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa97997d5-6f2f-45e7-8b56-795bebd84b54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 12503
x-amzn-requestid: 805024f4-b82a-4a3d-b0ef-045572febf05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWeeG2lIAMF3vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979df6-358be30b5b63c8bb5248871d;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XiL6HKsj9KMDsukD4kroJFGBFTKJd002Jr8xTDkjXKS8b_lOokLAyw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:53:49 GMT
age: 74897
etag: "71c7162977f3ff9baf295d684ad45ab394ba33f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:normal|Montserrat:700|Montserrat:600&subset=latin

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:normal|Montserrat:700|Montserrat:600&subset=latin
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:normal|Montserrat:700|Montserrat:600&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://performanceequinevs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 18:41:58 GMT
date: Tue, 13 Dec 2022 18:41:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (49)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations