firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 20:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zfZ9XY0v1eA8IoWbZNLPKAqLwgjy_i2N-tjo3u-IKpndaaCzy8Wvkw==
Age: 684
dkfmed.ca/
165.231.154.30301 Moved Permanently 230 B IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 545f66ed826dc650cc92b1abeff33f27
0935340463803a3582371ecbe8350ef02ae04d50
a3e5fe4121b74201d27a0bb9dca4df348ec38501bbcc4daf7f31a6542edd4bd5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 20:16:10 GMT
Server: Apache
Location: https://www.dkfmed.ca/
Content-Length: 230
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Wed, 07 Sep 2022 20:59:21 GMT
Date: Wed, 07 Sep 2022 20:16:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c5Srsfvz13Gy9mQ8K8Ie4AcJzPDbmDs6iCqhJMHOZjQAagZJTNjbaA==
age: 59377
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 20:16:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 19:38:18 GMT
Expires: Wed, 07 Sep 2022 19:54:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1z21JIVxfKyb0UfWM2ZshctiBP67v8b4fazc0tYLTjxd7-vYNubINQ==
Age: 2273
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6359
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:11 GMT
Last-Modified: Wed, 07 Sep 2022 18:30:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L7ZpnRfZvo4/agP7nXbBzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GfNYjWYPFDOFHGomSUq+x+YCaSM=
www.dkfmed.ca/
165.231.154.30200 OK 40 kB IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4538), with CRLF, LF line terminators
Hash 5c6757f7561800c185193f577eea6f6a
7b1a408caaaec3936bf8bd66d643f20ceb28b483
afbff71a12ea27bff9588db87bc0b077261b15b0b062bee258a529bacd4b8a49
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:11 GMT
Server: Apache
Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 07-Oct-2022 20:16:11 GMT; Max-Age=2592000; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dkfmed.ca/includes/templates/vuoricanada/css/style.css
165.231.154.30200 OK 25 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/style.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (1470)
Hash 0269f25a408028ad7d1fa88f3fc07c32
bdf70b66b3a9a09ed1b009ccd694b89574646d9c
4225c3ed92bfc238dee21c99754cc70c6be9605fd4613f706c9ea927b00606d8
GET /includes/templates/vuoricanada/css/style.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 24572
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_lightbox.css
165.231.154.30200 OK 2.4 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_lightbox.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with CRLF line terminators
Hash 4156c4f3b3e8eb75b3f0ffc31b9b3c48
d2e2362789756890af0cd16178e7dc00b66a2032
9b1778227a7dc12daa8be9254e2f90de342d38c9c26140ffd85c82de5a1f70cd
GET /includes/templates/vuoricanada/css/stylesheet_lightbox.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 2370
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_categories_menu.css
165.231.154.30200 OK 2.3 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_categories_menu.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
Hash 77ac4aa1fc1b80426aa7ad8033dcb40c
fa30830acbbe5458aa445be97ecd00be2e1d60fa
93a60cfc2924d4c2d193bd12bd2ccd8d54b433b975bf842d9c2547a95efabdf0
GET /includes/templates/vuoricanada/css/stylesheet_categories_menu.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 2341
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_header_menu.css
165.231.154.30200 OK 3.4 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_header_menu.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with CRLF line terminators
Hash 7c59b4da415474ab8a00f8eabfb367f9
9f56b279588144bbd3b13b87901b042f99444f77
aaf8c209a2a5b2c448f59f3de003831ebc7ab30e92e9b718e137377009b2925d
GET /includes/templates/vuoricanada/css/stylesheet_header_menu.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 10:01:03 GMT
Accept-Ranges: bytes
Content-Length: 3386
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_jquery.mmenu.all.css
165.231.154.30200 OK 11 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_jquery.mmenu.all.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
Hash e2eb2f35cf8f984d3f5f03df844b336e
763043a9a6ca87e841eb2c4e037f7359b66097b8
af696727609018b4e408eaf3c67d3f4b8e4185163ca22cbe64b13405edbfdc7a
GET /includes/templates/vuoricanada/css/stylesheet_jquery.mmenu.all.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 10914
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_slick.css
165.231.154.30200 OK 4.2 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_slick.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with CRLF line terminators
Hash d081927955913375cd1202d3803adcc2
f09e4a037b3289cd6d0a4fecfa7d2cab3e91fedc
b12ef925712c3f4389ad2c03898732e465404634d5f817aef2e7724bb7b96ab4
GET /includes/templates/vuoricanada/css/stylesheet_slick.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 4154
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet1.css
165.231.154.30200 OK 18 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet1.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (876)
Hash 1f2607167694349ffb03ebd85fbf30aa
881b9f62dba7f34d413ade661f9228a183a30531
195a167034ac71e2c6634f4fa03ae93b631512b167db1091f8801d7c46bb7c07
GET /includes/templates/vuoricanada/css/stylesheet1.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 17510
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery_kinSlideshow.js
165.231.154.30200 OK 9.7 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery_kinSlideshow.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ISO-8859 text, with very long lines (8513), with CRLF line terminators
Hash 08a763acea723e1d88cbce2f1c9b3317
ea20687e4f773bf67907b0edb029ebafbc110fc1
c17caeebb94b90d9aae3dc3142cda848f67e8b9425a6d25e434af74d2978aba4
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/jscript/jscript_jquery_kinSlideshow.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Sun, 21 Nov 2010 08:51:10 GMT
Accept-Ranges: bytes
Content-Length: 9674
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_lightbox.js
165.231.154.30200 OK 20 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_lightbox.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ISO-8859 text, with very long lines (797), with CRLF line terminators
Hash 3d79a6c53803295ef00c052546d76500
f1481ce4f6f2aaefd7a5b6af19be42c7b1606dcc
93acbf26510bd264764a43d220a984b78270cd37536e0aa6bf8deb1fb28338f8
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/jscript/jscript_lightbox.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Sun, 24 Oct 2010 03:36:54 GMT
Accept-Ranges: bytes
Content-Length: 20417
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_all.css
165.231.154.30200 OK 108 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_all.css
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
Size 108 kB (108033 bytes)
Hash d98ca3e08c1a7b8a6a54282d1416c08b
6d27b78c1301877b089dde6f7a840d56a8925afa
174def84d780152ab66ddf9eddcd43326766dc39800ebcea686ad257188e553d
GET /includes/templates/vuoricanada/css/stylesheet_all.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 25 Mar 2022 10:50:23 GMT
Accept-Ranges: bytes
Content-Length: 108033
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js
165.231.154.30200 OK 86 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (32069)
Hash 93c4b563622d278b1065690a3d93709e
f00d128cf399f17322b1d4ee02fa8cd892e081bd
601c06474a16936670a0477da2a777ccfca3301e3857204ec9b55dfa2c45287e
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 29 Jul 2020 00:10:10 GMT
Accept-Ranges: bytes
Content-Length: 85588
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery.js
165.231.154.30200 OK 86 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash e85aed5c30d734f1e30646e030d7a817
b8dcaa1c866905c0bdb0b70c8e564ff1c3fe27ad
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/jscript/jscript_jquery.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2011 16:28:42 GMT
Accept-Ranges: bytes
Content-Length: 85925
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_slick.js
165.231.154.30200 OK 89 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_slick.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
Hash 5f8f4aed010e1afe499184d8197309f9
097f6a1b4f115e9b6ebefa70d76d830733bcc9ba
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/jscript/jscript_slick.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 07:22:28 GMT
Accept-Ranges: bytes
Content-Length: 88955
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/js/modernizr.custom.js
165.231.154.30200 OK 7.7 kB URL HTTP/1.1 www.dkfmed.ca/js/modernizr.custom.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type HTML document, ASCII text, with very long lines (7558)
Hash 02009db489ef4805210aafa21a6b8276
d3c333feb80a2e4045a6a353838171aaee6b878d
0cdb507e0527a90fb5b98b238843f6d2be8ded6d71f40458ff8e75b731405cad
Analyzer Verdict Alert fortinet Phishing
GET /js/modernizr.custom.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2016 17:34:46 GMT
Accept-Ranges: bytes
Content-Length: 7671
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/js/jquery.mmenu.min.all.js
165.231.154.30200 OK 39 kB URL HTTP/1.1 www.dkfmed.ca/js/jquery.mmenu.min.all.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (401)
Hash 5b2edbe2f95659b625a0b919ebf98286
1c5722696e849953fccdf41e0f0a01e3f37a80da
a83065a45e7248c11ae228cab8da5d6bfcfa4791be255e2a78e81dbc456a4637
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.mmenu.min.all.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 08 May 2020 16:51:20 GMT
Accept-Ranges: bytes
Content-Length: 38800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/js/classie.js
165.231.154.30200 OK 1.8 kB URL HTTP/1.1 www.dkfmed.ca/js/classie.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
Hash a9df1cfb76ce492afd9d13f3320272fd
782b9564f015a2ec7bdf9c89e238fab9b44bd587
717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144
Analyzer Verdict Alert fortinet Phishing
GET /js/classie.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2016 17:34:46 GMT
Accept-Ranges: bytes
Content-Length: 1835
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/js/uisearch.js
165.231.154.30200 OK 6.0 kB URL HTTP/1.1 www.dkfmed.ca/js/uisearch.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (2051), with CRLF line terminators
Hash 028b2e146eff5f378e21e7fe48131468
af6b54a64da88204e2d2c527c1a941dc17e790e3
86f2854513305e334b86057c752cf3821b72156d1f6aa0fd8132c57bec74d285
Analyzer Verdict Alert fortinet Phishing
GET /js/uisearch.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2016 17:34:46 GMT
Accept-Ranges: bytes
Content-Length: 6033
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/js/jquery-1.7.2.min.js
165.231.154.30200 OK 158 kB URL HTTP/1.1 www.dkfmed.ca/js/jquery-1.7.2.min.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (749)
Size 158 kB (157648 bytes)
Hash 6f3d61313966fcd43b0334aa5fad66b9
22b2b120da5b405a348e4abdd865c496625d87ab
f2374ffefd903e49bfa1772a042c1b593e52cd862e6553f538128ab4a58fe5b5
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Thu, 07 May 2020 17:22:20 GMT
Accept-Ranges: bytes
Content-Length: 157648
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/includes/templates/vuoricanada/js/layer.js
165.231.154.30200 OK 38 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/js/layer.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (984)
Hash f679a433cba7ebde1bbe121fffd8c60c
4d2159e06a5e80328e0ba9554e02fb2422ed0b36
60c2f96124f2970788057614a90229fe470b13f5420e5794d90d73c9e08ce2f0
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/js/layer.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Tue, 29 Jun 2021 12:47:40 GMT
Accept-Ranges: bytes
Content-Length: 37747
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/includes/templates/vuoricanada/js/re_login.js
165.231.154.30200 OK 11 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/js/re_login.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 9b67116ecba4f7049bfc3237ad5400c8
df1f51ea8d9423d689d8fe8b106e367a81502126
68bcdb504903424438e35c8294d0f1f69daa05026deb95ccdb3d4b7ab1b18acd
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/js/re_login.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Fri, 30 Jul 2021 13:53:12 GMT
Accept-Ranges: bytes
Content-Length: 10701
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/js/slick_new.js
165.231.154.30200 OK 1.9 kB URL HTTP/1.1 www.dkfmed.ca/js/slick_new.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with CRLF line terminators
Hash 37192079541f105b380c4d17cb5b1a45
4cf67b7d006b630a2e063acb52740d1b8cfa08c4
faffeb52bd73185450a0e8bad135ac6209a599c01d2247636e29fe4d640557cf
Analyzer Verdict Alert fortinet Phishing
GET /js/slick_new.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Mon, 27 Dec 2021 12:22:54 GMT
Accept-Ranges: bytes
Content-Length: 1859
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dkfmed.ca/js/jquery.jxa.js
165.231.154.30200 OK 2.7 kB URL HTTP/1.1 www.dkfmed.ca/js/jquery.jxa.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with CRLF line terminators
Hash ca643ec9e974f881e4c904db35bc40c7
759df5ef14b4e2c0c46770b5e408f600972294ca
a1e3d7d98e8e9886c1181e7d53ddd4a6ff424a0fff640d1dc4b06757f096e0e2
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.jxa.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2020 14:46:06 GMT
Accept-Ranges: bytes
Content-Length: 2658
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
142.250.74.163200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkfmed.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:36:08 GMT
expires: Fri, 01 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 517205
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dkfmed.ca/images/hoverimg/202203091108418705.png
165.231.154.30200 OK 2.0 kB URL HTTP/1.1 www.dkfmed.ca/images/hoverimg/202203091108418705.png
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type PNG image data, 173 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 654bbd20df1e1c2eb2c06b4dbe446b22
a02bf96ff11cc3dd35f6f53d40808138157c33c3
4ec087a0087f444089d583f11a6453f468bd2edd9f26759e6fbdf6ac9e4a29bb
GET /images/hoverimg/202203091108418705.png HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:08:42 GMT
Accept-Ranges: bytes
Content-Length: 2028
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.dkfmed.ca/includes/templates/vuoricanada/images/flag/CAN.png
165.231.154.30200 OK 373 B URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/images/flag/CAN.png
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type PNG image data, 27 x 17, 8-bit/color RGB, non-interlaced\012- data
Hash 5bcefbd3115209dc486a33315fd0adfe
8092f5ffa43e543815386f2956ae80c27f233dcf
42499bcaf81be894215431d16cbcddfea28868095b7d13e4419784e446d99bbf
GET /includes/templates/vuoricanada/images/flag/CAN.png HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Sat, 09 Oct 2021 09:02:58 GMT
Accept-Ranges: bytes
Content-Length: 373
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.dkfmed.ca/images/hoverimg/20220309954171228.jpg
165.231.154.30200 OK 166 kB URL HTTP/1.1 www.dkfmed.ca/images/hoverimg/20220309954171228.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x696, components 3\012- data
Size 166 kB (165770 bytes)
Hash 638ed173780706d9e356dd7d988f8f00
9caceebec287feba5225646ed6081e35ed753969
ffdeaf0085edd16a133a7eacad57db9d3fd0c6a05a8a21fde642de8a95ffda0a
GET /images/hoverimg/20220309954171228.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:54:17 GMT
Accept-Ranges: bytes
Content-Length: 165770
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:38:56 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 77837
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:10:03 GMT
age: 54370
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 2956f23c-8907-48de-b82a-73da9ae1d75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYVHnLoAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdce-5d76bbe82dc2823407fe67f3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6tTqfG7yRrMw0cMwiQFlu9XuRzxlK7uzTXL-cAMFmrrDrKL9Rd3zqA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:20 GMT
age: 81293
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 31a6c427-a073-4c25-88b1-6ba40a48c359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrvyGg6oAMFhDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bffe-36dd49416c62f3811167173d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hNtG651fpAOKjZluawZlbXYFfBUojeSyqB9UMRsAg1Ooxc95mudq7A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:27 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 80686
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 6db42fa4-5a04-4368-b5cb-ea8f70d83ead
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxSRFp7oAMFb3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2f41-1df42bd2265554de5f47932e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KQ1yb69_uETJJlEIcwsR165zqZuiklGuj3Nn-tyta0e_q8BGqs3cXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:24 GMT
age: 80689
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 81291
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dkfmed.ca/js/jquery.jxb.js
165.231.154.30200 OK 158 kB URL HTTP/1.1 www.dkfmed.ca/js/jquery.jxb.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with very long lines (749)
Size 158 kB (157648 bytes)
Hash 6f3d61313966fcd43b0334aa5fad66b9
22b2b120da5b405a348e4abdd865c496625d87ab
f2374ffefd903e49bfa1772a042c1b593e52cd862e6553f538128ab4a58fe5b5
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.jxb.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Fri, 05 May 2017 19:03:44 GMT
Accept-Ranges: bytes
Content-Length: 157648
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.dkfmed.ca/includes/templates/vuoricanada/js/theme/default/layer.css?v=3.5.0
165.231.154.30200 OK 17 kB URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/js/theme/default/layer.css?v=3.5.0
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type ASCII text, with CRLF line terminators
Hash 94ae7c3e6834f7e25a85ff97c2d9cd88
953ea6a358fdbd59f99eef88c93f467a749d27e4
38d12ae4119d3c7ae42cf9ffb240d53b351716c8f44ae4b1acb0f4c15b003eb9
GET /includes/templates/vuoricanada/js/theme/default/layer.css?v=3.5.0 HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Tue, 29 Jun 2021 12:47:12 GMT
Accept-Ranges: bytes
Content-Length: 17360
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.dkfmed.ca/images/hoverimg/202203091104517270.jpg
165.231.154.30200 OK 195 kB URL HTTP/1.1 www.dkfmed.ca/images/hoverimg/202203091104517270.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1920x980, components 3\012- data
Size 195 kB (194992 bytes)
Hash 7dd94ddb98eacc3a3bf6680250689fef
2e46cbbcee6335ffac57e0969d6ea9a3c2fe7c12
b8a1871fc15a7b773d7900138533fb691d41daa0fabe8a56325a97ed44c1ef4a
GET /images/hoverimg/202203091104517270.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:04:52 GMT
Accept-Ranges: bytes
Content-Length: 194992
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Laguna_Lounge_2_0_Pants_Pi-TYUZB-8957.jpg
165.231.154.30200 OK 25 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Laguna_Lounge_2_0_Pants_Pi-TYUZB-8957.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 09ae153a8960db383a1d147c4a986c04
6d7f989f46029b93a04bac327a79bbefc6b8db57
f0d76358cfe86671f36463fa24db63da0e2dfcd132400f8b3af9adc32dd33974
GET /images/vuoricanada/Women_s_Vuori_Laguna_Lounge_2_0_Pants_Pi-TYUZB-8957.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:36 GMT
Accept-Ranges: bytes
Content-Length: 25235
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Long_Sleeve_Halo_Crew_Pull-DISZJ-7421.jpg
165.231.154.30200 OK 28 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Long_Sleeve_Halo_Crew_Pull-DISZJ-7421.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 2fefde5c40ae96afb02d86921836c1a3
9825d64a01b278fdffc061ee151e02ea23147273
b118a3a2e56658ad5210870cd5458e4a2e131a5cec5644d49503648551f9e5f6
GET /images/vuoricanada/Women_s_Vuori_Long_Sleeve_Halo_Crew_Pull-DISZJ-7421.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:20:50 GMT
Accept-Ranges: bytes
Content-Length: 28538
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Alpine_Sherpa_Jacke-TXFVH-1063.jpg
165.231.154.30200 OK 39 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Alpine_Sherpa_Jacke-TXFVH-1063.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 8120bdc9b3fb5aa8ce2ec102d702ee39
13d745f7999c5bc8c855b67167dda3d40342bda0
1b872490fa09ad431e2a0707e2431e08d93eb02f132a9905d478a71722e97fc0
GET /images/vuoricanada/Women_s_Vuori_Womens_Alpine_Sherpa_Jacke-TXFVH-1063.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:20:58 GMT
Accept-Ranges: bytes
Content-Length: 38862
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Pants_Red_-GQTYP-1527.jpg
165.231.154.30200 OK 29 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Pants_Red_-GQTYP-1527.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 73b7c5c7448de1e491481b698aad0c56
ca450bd0159875d61b2a0049abce9db6d88b1a72
87f21d5bfd1d10a9313ce5190858cfe4dabe8d1f267a1cbbe2f3e3a05dceb740
GET /images/vuoricanada/Men_s_Vuori_Ponto_Performance_Pants_Red_-GQTYP-1527.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:26 GMT
Accept-Ranges: bytes
Content-Length: 29212
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/hoverimg/202203091105312562.jpg
165.231.154.30200 OK 178 kB URL HTTP/1.1 www.dkfmed.ca/images/hoverimg/202203091105312562.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x696, components 3\012- data
Size 178 kB (177952 bytes)
Hash c5190a3b596161c02c7590a728c20781
ad587325c442b079de8c24f9731fedd66537ede4
cc2ad9d54326153e92a37f7f0429be6f18e454b4c26ecdb62a5b5c096466af9d
GET /images/hoverimg/202203091105312562.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:05:32 GMT
Accept-Ranges: bytes
Content-Length: 177952
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/hoverimg/202203091105314189.jpg
165.231.154.30200 OK 192 kB URL HTTP/1.1 www.dkfmed.ca/images/hoverimg/202203091105314189.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x696, components 3\012- data
Size 192 kB (191586 bytes)
Hash 15103e776b16b67c3dac8f887c84cb17
43b5d3c6c57fdc20ab7a5c85068163432955e7d8
4e0b3a2d325047a81f99161b1416dd129da77607864b3a99d17834625e623f56
GET /images/hoverimg/202203091105314189.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:05:32 GMT
Accept-Ranges: bytes
Content-Length: 191586
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aim_Pants_Blue_XDUOT_1904-XDUOT-1904.jpg
165.231.154.30200 OK 22 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aim_Pants_Blue_XDUOT_1904-XDUOT-1904.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash c01240f54cb89db26f66bfac5206f8e4
8992c4bc7c2199130e72b8bd72a0068352a23c90
ca9af69531b48044b7941f470bd46743f796665ec7dfe66dcf149922bae4c3d3
GET /images/vuoricanada/Men_s_Vuori_Aim_Pants_Blue_XDUOT_1904-XDUOT-1904.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:14 GMT
Accept-Ranges: bytes
Content-Length: 21655
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Austin_Henley_Pullover_Grey_-KLAZQ-1802.jpg
165.231.154.30200 OK 56 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Austin_Henley_Pullover_Grey_-KLAZQ-1802.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 3a2835c430415795b17afe8691366b7f
7a41bd8e41d3a49241bfa0d724ad70c501b40a9d
9f757d599cdafdbd2b442fc9b35135cb7592bbbf5fb49c6d629b7a460cbd6a29
GET /images/vuoricanada/Men_s_Vuori_Austin_Henley_Pullover_Grey_-KLAZQ-1802.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:04 GMT
Accept-Ranges: bytes
Content-Length: 55627
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Cove_Tanks_Grey_JVHUR_42-JVHUR-4236.jpg
165.231.154.30200 OK 32 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Cove_Tanks_Grey_JVHUR_42-JVHUR-4236.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 1b29ed64187557ac2d1386e6be87dbee
19d3235edf231cc9bc0adf0553a833eae9ddfce2
ef3eec5b7783386566405c361d3b8c7b9ddb2e687ab6704539c4d3c9079f0e83
GET /images/vuoricanada/Women_s_Vuori_Cove_Tanks_Grey_JVHUR_42-JVHUR-4236.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:20 GMT
Accept-Ranges: bytes
Content-Length: 32215
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Aspire_Elevation_Shorty_Sh-MFHTR-5910.jpg
165.231.154.30200 OK 30 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Aspire_Elevation_Shorty_Sh-MFHTR-5910.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 37a0691e95018842d952814102c65ea3
f573087eea46cdb5724f60742677d3fa32c2166a
3d8410e5660050f039ea6bb75e21247121e81d32a6910543f01e5e23189c7f4b
GET /images/vuoricanada/Women_s_Vuori_Aspire_Elevation_Shorty_Sh-MFHTR-5910.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:06 GMT
Accept-Ranges: bytes
Content-Length: 29717
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ripstop_Traveler_Pants_Black-HKNFI-4960.jpg
165.231.154.30200 OK 24 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ripstop_Traveler_Pants_Black-HKNFI-4960.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash bdedf05d51af7b6b5fe9d467bbd50ebe
8d9fb55aea51ef75a5785c14dea1c609b0105001
9c39f20c23b77fc467c2bd321f71c33d817b65dcfa089ac6c7bb71733cf97a32
GET /images/vuoricanada/Men_s_Vuori_Ripstop_Traveler_Pants_Black-HKNFI-4960.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:22 GMT
Accept-Ranges: bytes
Content-Length: 24035
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Zephyr_Muscle_Tanks_Blue_N-NBJGH-4013.jpg
165.231.154.30200 OK 37 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Zephyr_Muscle_Tanks_Blue_N-NBJGH-4013.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 34e02e1195c84bb65df6e5a42d2bcd68
e286c32b895167c34fe8aae100bd918624a21513
2b5e99b83798420c066f4b64d635432075e2560535896c727b603d3477f8b4a6
GET /images/vuoricanada/Men_s_Vuori_Zephyr_Muscle_Tanks_Blue_N-NBJGH-4013.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:50 GMT
Accept-Ranges: bytes
Content-Length: 36609
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Springs_Rain_Jackets_Black_-URSMC-8746.jpg
165.231.154.30200 OK 28 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Springs_Rain_Jackets_Black_-URSMC-8746.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 7c62a8dc2d5e51fba586a06294b8903e
59d705346ae5cdcc39a17deffecb3c59de7d03e8
012911633095536e4af6e0ff5e32ba4b001db71c1db3f8df67c45b7ea5672bff
GET /images/vuoricanada/Men_s_Vuori_Springs_Rain_Jackets_Black_-URSMC-8746.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:30 GMT
Accept-Ranges: bytes
Content-Length: 28209
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Vital_Crew_Pullover_Grey_L-LIAWS-9076.jpg
165.231.154.30200 OK 28 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Vital_Crew_Pullover_Grey_L-LIAWS-9076.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 3f6e9ad4795c84e1687b11d616dc5067
f438ddcfe86aeb777fd30b12ba95895175522acb
58bbdd6df2166139e094b67a876afe966696972e6ed4769d7ecf68643c74bfe9
GET /images/vuoricanada/Men_s_Vuori_Vital_Crew_Pullover_Grey_L-LIAWS-9076.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:12 GMT
Accept-Ranges: bytes
Content-Length: 28316
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Tradewind_Performance_Tee_Pu-KOTEW-7296.jpg
165.231.154.30200 OK 54 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Tradewind_Performance_Tee_Pu-KOTEW-7296.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 43ff70f7138e5bd89fe983f4687d152f
0fdaece4666f9553e7bc60894d3224af39d3e2fa
3ef0c4d5883f3fdfd779991f85cd692925be80a8155ed8fc0510e59f8e7b0db3
GET /images/vuoricanada/Men_s_Vuori_Tradewind_Performance_Tee_Pu-KOTEW-7296.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:00 GMT
Accept-Ranges: bytes
Content-Length: 54372
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Ripstop_Pants_Green-GOEXH-3460.jpg
165.231.154.30200 OK 29 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Ripstop_Pants_Green-GOEXH-3460.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash 946b26c7a789ed08f05c46aa81f9b51d
1317415c3c0fa6619d62ff3a75e5a14a6851e5b7
d57aa3bcc9da67c442002409469db16b8ff463e0d92ed54f0b5167fc6de9fa2a
GET /images/vuoricanada/Women_s_Vuori_Womens_Ripstop_Pants_Green-GOEXH-3460.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:10 GMT
Accept-Ranges: bytes
Content-Length: 29040
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/api/country
165.231.154.30200 OK 110 kB URL HTTP/1.1 www.dkfmed.ca/api/country
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 110 kB (109930 bytes)
Hash 09889b2376c2e35c09c677d776b27e59
7ec15818b6e8c9e7a0583cc9f0322983072c373c
6100955edd4b70f39aed0e5fad4ed2541ba82cdf3c404decb29b3e13d2d54a49
Analyzer Verdict Alert fortinet Phishing
GET /api/country HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 07-Oct-2022 20:16:13 GMT; Max-Age=2592000; path=/
zenid=qut8jof0nfl85penpe89biq1v3; path=/; HttpOnly
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Kore_Shorts_Blue_CZGIE_860-CZGIE-8607.jpg
165.231.154.30200 OK 44 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Kore_Shorts_Blue_CZGIE_860-CZGIE-8607.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash d6b7924f022d3ca0eb6b2ce786608a5e
7498c9f8f44d563e3822ece81c1bb2685c152b6c
e7ca1f8cca54be32cc3485f7612f3865f4e2cef51bc9c5e6a3d933118e796518
GET /images/vuoricanada/Men_s_Vuori_Kore_Shorts_Blue_CZGIE_860-CZGIE-8607.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:46 GMT
Accept-Ranges: bytes
Content-Length: 43807
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Crew_Pullo-TJCVQ-9148.jpg
165.231.154.30200 OK 43 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Crew_Pullo-TJCVQ-9148.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash d3510f34498f4d628c887884c5a5efd2
ded8fab51b5452495b7f137319b0ae7447c43520
70d59b041fd1d880573e3a714bad0fd660eda45e55065d1047fd36e3b7ccd3c1
GET /images/vuoricanada/Men_s_Vuori_Ponto_Performance_Crew_Pullo-TJCVQ-9148.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:08 GMT
Accept-Ranges: bytes
Content-Length: 43096
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Dad_Hat_Orange_FWHCZ_7938-FWHCZ-7938.jpg
165.231.154.30200 OK 33 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Dad_Hat_Orange_FWHCZ_7938-FWHCZ-7938.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash cc3da093ef3fad80ba91dbf6707869bf
7e03d034b5705d21665b0ff7d303766e9dfc0e07
215c87b0e0bc9a75d878d6d71a97a1924d763fa0eb773e73e17bed3b013a1de3
GET /images/vuoricanada/Men_s_Vuori_Dad_Hat_Orange_FWHCZ_7938-FWHCZ-7938.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:16 GMT
Accept-Ranges: bytes
Content-Length: 32811
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ace_Tee_Grey_TMJUY_3708-TMJUY-3708.jpg
165.231.154.30200 OK 31 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ace_Tee_Grey_TMJUY_3708-TMJUY-3708.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash effdf420afdd2bfbde60e3dc13e64f33
9deb3ebcddfbedc652bd1a80cc3d5db9c6df1926
e79f4e8bb8dca30ee56f4bf5021c6952315564d4a17ffa7c82a2a3eda77a95a3
GET /images/vuoricanada/Men_s_Vuori_Ace_Tee_Grey_TMJUY_3708-TMJUY-3708.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:12 GMT
Accept-Ranges: bytes
Content-Length: 30841
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aspen_Shirt_Jackets_Blue_W-WKLNZ-2503.jpg
165.231.154.30200 OK 36 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aspen_Shirt_Jackets_Blue_W-WKLNZ-2503.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash aa5834b1c10910c407b2d5bf66df7798
d737763ae5bcb3737ac5beaf0694b27b6e75d687
8bc994316ccc7bcfd45e65db477fadcd2d953379c26b3a740cd3189c51f4c499
GET /images/vuoricanada/Men_s_Vuori_Aspen_Shirt_Jackets_Blue_W-WKLNZ-2503.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:20 GMT
Accept-Ranges: bytes
Content-Length: 36324
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Beach_Hoodie_Camo_Pink_-KOFRL-7103.jpg
165.231.154.30200 OK 30 kB URL HTTP/1.1 www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Beach_Hoodie_Camo_Pink_-KOFRL-7103.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Hash b3b77bf056a2aaa4f96ca47f7469870b
0b25afbd7805ac5a654591916c84dd847f58209c
5602721d53aa06125c28c3b4c8bfde5ce612bd7ac7a2b5149b8085f4d6bc0851
GET /images/vuoricanada/Women_s_Vuori_Beach_Hoodie_Camo_Pink_-KOFRL-7103.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:14 GMT
Accept-Ranges: bytes
Content-Length: 30480
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/favicon.ico
165.231.154.30200 OK 1.1 kB URL HTTP/1.1 www.dkfmed.ca/favicon.ico
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
File type PNG image data, 32 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 1350a6ec3e6067a3b9f1d89d78868b80
346d1c2f5a8ceb1c3dad1e8a1843b0132b660281
1ed203337774398ea2bca717fe9a361346739d1f4931d4596f97445347774991
GET /favicon.ico HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session; zenid=qut8jof0nfl85penpe89biq1v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:14 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:25:52 GMT
Accept-Ranges: bytes
Content-Length: 1054
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/x-icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 44ee4c9bd1e550045d69f24ad511070c
3bf0d51801523d7014ac76b5ab90c989fc7a770f
ee48c13050faa498f79222216f9c71b20b3a4e5e8e5c59c7156c276ab942703c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: d48113bc-fe40-4d59-b700-194b1092ab67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqmxQEbVoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db807-14ff6f5b0ffb9a7f08e57906;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:11:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YKs0giofWi83MnLBqx6zAu1NGd_A9-l6y2pULUBn2RK0-H3KNRzrUg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 16:00:00 GMT
age: 15380
etag: "3bf0d51801523d7014ac76b5ab90c989fc7a770f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js
165.231.154.30200 OK 0 B URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
Analyzer Verdict Alert fortinet Phishing
GET /includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 24 Jul 2020 18:30:22 GMT
Accept-Ranges: bytes
Content-Length: 142713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.10:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 20:16:12 GMT
date: Wed, 07 Sep 2022 20:16:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.dkfmed.ca/images/hoverimg/20220309954177508.jpg
165.231.154.30200 OK 0 B URL HTTP/1.1 www.dkfmed.ca/images/hoverimg/20220309954177508.jpg
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
GET /images/hoverimg/20220309954177508.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:54:17 GMT
Accept-Ranges: bytes
Content-Length: 195844
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.dkfmed.ca/includes/templates/vuoricanada/css/ajax-loader.gif
165.231.154.30404 Not Found 0 B URL HTTP/1.1 www.dkfmed.ca/includes/templates/vuoricanada/css/ajax-loader.gif
IP 165.231.154.30:0
ASN #58065 Packet Exchange Limited
GET /includes/templates/vuoricanada/css/ajax-loader.gif HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_slick.css
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 07-Oct-2022 20:16:13 GMT; Max-Age=2592000; path=/
zenid=3o3r7g7evpbmkbf6v1qibpj8q6; path=/; HttpOnly
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8