Report - dkfmed.ca/

Report Overview

Submitted URL
dkfmed.ca/
IP
165.231.154.30
ASN
#58065 Packet Exchange Limited
Submitted
2022-09-07 20:16:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
dkfmed.ca	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	471 B	165.231.154.30
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.237.51.86
www.dkfmed.ca	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	25 kB	2.5 MB	165.231.154.30
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	481 B	129 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	64 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-07	medium	dkfmed.ca/	Phishing
2022-09-07	medium	www.dkfmed.ca/	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery_kinSlideshow.js	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_lightbox.js	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery.js	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_slick.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/modernizr.custom.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/jquery.mmenu.min.all.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/classie.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/uisearch.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/jquery-1.7.2.min.js	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/js/layer.js	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/js/re_login.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/slick_new.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/jquery.jxa.js	Phishing
2022-09-07	medium	www.dkfmed.ca/js/jquery.jxb.js	Phishing
2022-09-07	medium	www.dkfmed.ca/api/country	Phishing
2022-09-07	medium	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_slick.js	89 kB	2023-03-07	2024-04-24
Pretty URL www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_slick.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-24 01:45:41 Times Seen8086 Hash 5f8f4aed010e1afe499184d8197309f9 097f6a1b4f115e9b6ebefa70d76d830733bcc9ba 0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4 Loading...

	www.dkfmed.ca/includes/templates/vuoricanada/js/layer.js	38 kB	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/includes/templates/vuoricanada/js/layer.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-19 16:12:58 Times Seen5095 Hash f679a433cba7ebde1bbe121fffd8c60c 4d2159e06a5e80328e0ba9554e02fb2422ed0b36 60c2f96124f2970788057614a90229fe470b13f5420e5794d90d73c9e08ce2f0 Loading...

	www.dkfmed.ca/	44 B	2023-03-07	2024-04-24
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-24 01:45:40 Times Seen4055 Hash 0f9f77c8d79923a94eaf9563663b37bf e9de64d20cf4f34a74de22d7b663634bd64f1be6 f401ef86148cd7087f19cbf14828ac17464cb4e1712f05305fb571d07521bb01 Loading...

	www.dkfmed.ca/js/slick_new.js	1.9 kB	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/js/slick_new.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:32 Last Seen2024-04-19 16:12:58 Times Seen3648 Hash 37192079541f105b380c4d17cb5b1a45 4cf67b7d006b630a2e063acb52740d1b8cfa08c4 faffeb52bd73185450a0e8bad135ac6209a599c01d2247636e29fe4d640557cf Loading...

	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_lightbox.js	20 kB	2023-03-07	2024-04-24
Pretty URL www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_lightbox.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-24 01:45:41 Times Seen4020 Hash 62160589e6cfe07633cf89ba5f6b850e 0ddc3da269bf68a7a86f82db9099181126c8aad5 c84699604527cf065821fe6ddb4aea785e99cfbcfbaec426a51cff1dfd617eca Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 15:44:07 Times Seen37040610 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js	143 kB	2023-03-07	2024-04-24
Pretty URL www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:14 Last Seen2024-04-24 01:45:41 Times Seen3463 Hash 674b896ffae27a70571b1fc5bd65919d 63c8c73c7e5ba15aa940aba8f1c43b6150a9f941 a7c32e459eae73c136b6eb07711a69b2cc7b557c085fc232dd42db7fb50e9374 Loading...

	www.dkfmed.ca/js/slick.js	87 kB	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/js/slick.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:41 Last Seen2024-04-19 16:12:58 Times Seen4746 Hash b56bbf351b271132a8fdab2ed21c82ab 8274eb6924ead2f5d8616fd162ef24bebd3c0b21 c37611fa51880e07f6a12795e03e5cd3eb4699b82f69be67036f735ffb5ecb60 Loading...

	www.dkfmed.ca/	74 B	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:27 Last Seen2024-04-19 16:12:58 Times Seen1679 Hash 77c0bd3bb3d308a78f5cd873c21fe43a 38671a50bcf4bfcfd34f5cb46c996d7b97a1254c 197e2d212246e4d08dee3d3b9e45228bbec236edaa7d31310d9de0607533a12c Loading...

	www.dkfmed.ca/	144 B	2023-03-07	2023-03-07
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:44:05 Last Seen2023-03-07 13:44:05 Times Seen1 Hash 07c6e5de1b35fe23dcd0452c5fada6a1 c494ad72f28b8b29086efe6ebd77888db078e834 c8f5063dff4dc52f4f3050e6cf0ccd45d550b9f7e93b15737e9365641c61b19d Loading...

	www.dkfmed.ca/	597 B	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:41 Last Seen2024-04-19 16:12:58 Times Seen2181 Hash 0dcfb49030f0696eed0631626f0b773a 2c88166dcdaa8372f41639a40ecc01195a012845 f0e9cf6e6cacab382ea6a8bbc66f73e345588eaff2c966d462578cf716ff74de Loading...

	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery.js	86 kB	2023-03-07	2024-04-24
Pretty URL www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-24 15:15:47 Times Seen17767 Hash e85aed5c30d734f1e30646e030d7a817 b8dcaa1c866905c0bdb0b70c8e564ff1c3fe27ad 8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a Loading...

	www.dkfmed.ca/js/uisearch.js	6.0 kB	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/js/uisearch.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:27 Last Seen2024-04-19 16:12:58 Times Seen3111 Hash 028b2e146eff5f378e21e7fe48131468 af6b54a64da88204e2d2c527c1a941dc17e790e3 86f2854513305e334b86057c752cf3821b72156d1f6aa0fd8132c57bec74d285 Loading...

	www.dkfmed.ca/includes/templates/vuoricanada/js/re_login.js	11 kB	2023-03-07	2024-04-18
Pretty URL www.dkfmed.ca/includes/templates/vuoricanada/js/re_login.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-18 11:41:11 Times Seen1239 Hash 9b67116ecba4f7049bfc3237ad5400c8 df1f51ea8d9423d689d8fe8b106e367a81502126 68bcdb504903424438e35c8294d0f1f69daa05026deb95ccdb3d4b7ab1b18acd Loading...

	www.dkfmed.ca/js/jquery-1.7.2.min.js	158 kB	2023-03-07	2024-04-24
Pretty URL www.dkfmed.ca/js/jquery-1.7.2.min.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-24 01:45:41 Times Seen13041 Hash 6f3d61313966fcd43b0334aa5fad66b9 22b2b120da5b405a348e4abdd865c496625d87ab f2374ffefd903e49bfa1772a042c1b593e52cd862e6553f538128ab4a58fe5b5 Loading...

	www.dkfmed.ca/	21 B	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-19 16:12:58 Times Seen2870 Hash 5a9b4911bc66f9e2f54bd20a9c333f26 8f357fb053913c958e71d7167e56aa68a698f1e4 2412af640fa9ba9f1a38f46e8b58e00b2cdd73ab4bd327a7d79be4132d960c65 Loading...

	www.dkfmed.ca/js/modernizr.custom.js	7.7 kB	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/js/modernizr.custom.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:27 Last Seen2024-04-19 16:12:58 Times Seen3438 Hash 02009db489ef4805210aafa21a6b8276 d3c333feb80a2e4045a6a353838171aaee6b878d 0cdb507e0527a90fb5b98b238843f6d2be8ded6d71f40458ff8e75b731405cad Loading...

	www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js	86 kB	2023-03-07	2024-04-24
Pretty URL www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-24 01:45:41 Times Seen7008 Hash 93c4b563622d278b1065690a3d93709e f00d128cf399f17322b1d4ee02fa8cd892e081bd 601c06474a16936670a0477da2a777ccfca3301e3857204ec9b55dfa2c45287e Loading...

	www.dkfmed.ca/js/classie.js	1.8 kB	2023-03-07	2024-04-23
Pretty URL www.dkfmed.ca/js/classie.js IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-23 14:10:35 Times Seen4907 Hash a9df1cfb76ce492afd9d13f3320272fd 782b9564f015a2ec7bdf9c89e238fab9b44bd587 717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144 Loading...

	www.dkfmed.ca/	1.7 kB	2023-03-07	2023-03-07
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:44:05 Last Seen2023-03-07 13:44:05 Times Seen1 Hash e08666ad831aff196940574814f12196 77e38e92c87a9ea13e1835e8ce7268a0e5416693 c19b1b007a5e594c09f94d9bfe48cd4318c440e2074dc11a2f260d7b7fbe8ee3 Loading...

	www.dkfmed.ca/	318 B	2023-03-07	2023-03-07
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:44:05 Last Seen2023-03-07 13:44:05 Times Seen1 Hash 532a83123ad2ff99b0789bcdc5c854d4 c51c6d896cad3869a4f38d3be367ade7cd6f02b8 194fb16e5e814fcd54539396430214fb318c36fefd97b991598d2b5439e9784a Loading...

	www.dkfmed.ca/	312 B	2023-03-07	2024-04-19
Pretty URL www.dkfmed.ca/ IP 165.231.154.30 ASN #58065 Packet Exchange Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-19 16:12:58 Times Seen2674 Hash 7ce5e7d2da9a3d65ead4d2138055617e 051b88ccda03caa7daf3d18190375955b31a7b4d 4c17dfdfc4b0a40b632f760a15a335f7627fa0b6b22acb202a87e49ef511273c Loading...

		Size	First Seen	Last Seen
	#1 Eval - abf4a875d5948c9b1b39999a48ff7e87	13 kB	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-19 16:12:58 Times Seen3758 Hash abf4a875d5948c9b1b39999a48ff7e87 e686ced083517764a0dd7424d84ac5fa1b52f20b a824a97e1e060dcfc3950a4231c4510e369c17c0c8694340e873ff5bdc8397ea Loading...

HTTP Transactions (82)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 20:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zfZ9XY0v1eA8IoWbZNLPKAqLwgjy_i2N-tjo3u-IKpndaaCzy8Wvkw==
Age: 684

dkfmed.ca/

165.231.154.30

301 Moved Permanently

230 B

URL HTTP/1.1
dkfmed.ca/
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
230 B (230 bytes)
Hash
545f66ed826dc650cc92b1abeff33f27
0935340463803a3582371ecbe8350ef02ae04d50
a3e5fe4121b74201d27a0bb9dca4df348ec38501bbcc4daf7f31a6542edd4bd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Sep 2022 20:16:10 GMT
Server: Apache
Location: https://www.dkfmed.ca/
Content-Length: 230
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Wed, 07 Sep 2022 20:59:21 GMT
Date: Wed, 07 Sep 2022 20:16:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 05:03:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c5Srsfvz13Gy9mQ8K8Ie4AcJzPDbmDs6iCqhJMHOZjQAagZJTNjbaA==
age: 59377
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 20:16:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 19:38:18 GMT
Expires: Wed, 07 Sep 2022 19:54:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1z21JIVxfKyb0UfWM2ZshctiBP67v8b4fazc0tYLTjxd7-vYNubINQ==
Age: 2273

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6359
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:11 GMT
Last-Modified: Wed, 07 Sep 2022 18:30:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.237.51.86

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.51.86:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L7ZpnRfZvo4/agP7nXbBzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GfNYjWYPFDOFHGomSUq+x+YCaSM=

www.dkfmed.ca/

165.231.154.30

200 OK

40 kB

URL HTTP/1.1
www.dkfmed.ca/
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4538), with CRLF, LF line terminators
Size
40 kB (40395 bytes)
Hash
5c6757f7561800c185193f577eea6f6a
7b1a408caaaec3936bf8bd66d643f20ceb28b483
afbff71a12ea27bff9588db87bc0b077261b15b0b062bee258a529bacd4b8a49

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:11 GMT
Server: Apache
Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 07-Oct-2022 20:16:11 GMT; Max-Age=2592000; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.dkfmed.ca/includes/templates/vuoricanada/css/style.css

165.231.154.30

200 OK

25 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/style.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (1470)
Size
25 kB (24572 bytes)
Hash
0269f25a408028ad7d1fa88f3fc07c32
bdf70b66b3a9a09ed1b009ccd694b89574646d9c
4225c3ed92bfc238dee21c99754cc70c6be9605fd4613f706c9ea927b00606d8

HTTP Headers

GET /includes/templates/vuoricanada/css/style.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 24572
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_lightbox.css

165.231.154.30

200 OK

2.4 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_lightbox.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2370 bytes)
Hash
4156c4f3b3e8eb75b3f0ffc31b9b3c48
d2e2362789756890af0cd16178e7dc00b66a2032
9b1778227a7dc12daa8be9254e2f90de342d38c9c26140ffd85c82de5a1f70cd

HTTP Headers

GET /includes/templates/vuoricanada/css/stylesheet_lightbox.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 2370
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_categories_menu.css

165.231.154.30

200 OK

2.3 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_categories_menu.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text
Size
2.3 kB (2341 bytes)
Hash
77ac4aa1fc1b80426aa7ad8033dcb40c
fa30830acbbe5458aa445be97ecd00be2e1d60fa
93a60cfc2924d4c2d193bd12bd2ccd8d54b433b975bf842d9c2547a95efabdf0

HTTP Headers

GET /includes/templates/vuoricanada/css/stylesheet_categories_menu.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 2341
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_header_menu.css

165.231.154.30

200 OK

3.4 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_header_menu.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with CRLF line terminators
Size
3.4 kB (3386 bytes)
Hash
7c59b4da415474ab8a00f8eabfb367f9
9f56b279588144bbd3b13b87901b042f99444f77
aaf8c209a2a5b2c448f59f3de003831ebc7ab30e92e9b718e137377009b2925d

HTTP Headers

GET /includes/templates/vuoricanada/css/stylesheet_header_menu.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 10:01:03 GMT
Accept-Ranges: bytes
Content-Length: 3386
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_jquery.mmenu.all.css

165.231.154.30

200 OK

11 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_jquery.mmenu.all.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text
Size
11 kB (10914 bytes)
Hash
e2eb2f35cf8f984d3f5f03df844b336e
763043a9a6ca87e841eb2c4e037f7359b66097b8
af696727609018b4e408eaf3c67d3f4b8e4185163ca22cbe64b13405edbfdc7a

HTTP Headers

GET /includes/templates/vuoricanada/css/stylesheet_jquery.mmenu.all.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 10914
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_slick.css

165.231.154.30

200 OK

4.2 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_slick.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with CRLF line terminators
Size
4.2 kB (4154 bytes)
Hash
d081927955913375cd1202d3803adcc2
f09e4a037b3289cd6d0a4fecfa7d2cab3e91fedc
b12ef925712c3f4389ad2c03898732e465404634d5f817aef2e7724bb7b96ab4

HTTP Headers

GET /includes/templates/vuoricanada/css/stylesheet_slick.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 4154
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet1.css

165.231.154.30

200 OK

18 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet1.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (876)
Size
18 kB (17510 bytes)
Hash
1f2607167694349ffb03ebd85fbf30aa
881b9f62dba7f34d413ade661f9228a183a30531
195a167034ac71e2c6634f4fa03ae93b631512b167db1091f8801d7c46bb7c07

HTTP Headers

GET /includes/templates/vuoricanada/css/stylesheet1.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:53:13 GMT
Accept-Ranges: bytes
Content-Length: 17510
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery_kinSlideshow.js

165.231.154.30

200 OK

9.7 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery_kinSlideshow.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ISO-8859 text, with very long lines (8513), with CRLF line terminators
Size
9.7 kB (9674 bytes)
Hash
08a763acea723e1d88cbce2f1c9b3317
ea20687e4f773bf67907b0edb029ebafbc110fc1
c17caeebb94b90d9aae3dc3142cda848f67e8b9425a6d25e434af74d2978aba4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/jscript/jscript_jquery_kinSlideshow.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Sun, 21 Nov 2010 08:51:10 GMT
Accept-Ranges: bytes
Content-Length: 9674
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_lightbox.js

165.231.154.30

200 OK

20 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_lightbox.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ISO-8859 text, with very long lines (797), with CRLF line terminators
Size
20 kB (20417 bytes)
Hash
3d79a6c53803295ef00c052546d76500
f1481ce4f6f2aaefd7a5b6af19be42c7b1606dcc
93acbf26510bd264764a43d220a984b78270cd37536e0aa6bf8deb1fb28338f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/jscript/jscript_lightbox.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Sun, 24 Oct 2010 03:36:54 GMT
Accept-Ranges: bytes
Content-Length: 20417
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_all.css

165.231.154.30

200 OK

108 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_all.css
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text
Size
108 kB (108033 bytes)
Hash
d98ca3e08c1a7b8a6a54282d1416c08b
6d27b78c1301877b089dde6f7a840d56a8925afa
174def84d780152ab66ddf9eddcd43326766dc39800ebcea686ad257188e553d

HTTP Headers

GET /includes/templates/vuoricanada/css/stylesheet_all.css HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 25 Mar 2022 10:50:23 GMT
Accept-Ranges: bytes
Content-Length: 108033
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js

165.231.154.30

200 OK

86 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (32069)
Size
86 kB (85588 bytes)
Hash
93c4b563622d278b1065690a3d93709e
f00d128cf399f17322b1d4ee02fa8cd892e081bd
601c06474a16936670a0477da2a777ccfca3301e3857204ec9b55dfa2c45287e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/jscript/jscript_1.11.1.min.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Wed, 29 Jul 2020 00:10:10 GMT
Accept-Ranges: bytes
Content-Length: 85588
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery.js

165.231.154.30

200 OK

86 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_jquery.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
Unicode text, UTF-8 text, with very long lines (65168)
Size
86 kB (85925 bytes)
Hash
e85aed5c30d734f1e30646e030d7a817
b8dcaa1c866905c0bdb0b70c8e564ff1c3fe27ad
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/jscript/jscript_jquery.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2011 16:28:42 GMT
Accept-Ranges: bytes
Content-Length: 85925
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_slick.js

165.231.154.30

200 OK

89 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_slick.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text
Size
89 kB (88955 bytes)
Hash
5f8f4aed010e1afe499184d8197309f9
097f6a1b4f115e9b6ebefa70d76d830733bcc9ba
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/jscript/jscript_slick.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 07:22:28 GMT
Accept-Ranges: bytes
Content-Length: 88955
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/js/modernizr.custom.js

165.231.154.30

200 OK

7.7 kB

URL HTTP/1.1
www.dkfmed.ca/js/modernizr.custom.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
HTML document, ASCII text, with very long lines (7558)
Size
7.7 kB (7671 bytes)
Hash
02009db489ef4805210aafa21a6b8276
d3c333feb80a2e4045a6a353838171aaee6b878d
0cdb507e0527a90fb5b98b238843f6d2be8ded6d71f40458ff8e75b731405cad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/modernizr.custom.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2016 17:34:46 GMT
Accept-Ranges: bytes
Content-Length: 7671
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/js/jquery.mmenu.min.all.js

165.231.154.30

200 OK

39 kB

URL HTTP/1.1
www.dkfmed.ca/js/jquery.mmenu.min.all.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (401)
Size
39 kB (38800 bytes)
Hash
5b2edbe2f95659b625a0b919ebf98286
1c5722696e849953fccdf41e0f0a01e3f37a80da
a83065a45e7248c11ae228cab8da5d6bfcfa4791be255e2a78e81dbc456a4637

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.mmenu.min.all.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 08 May 2020 16:51:20 GMT
Accept-Ranges: bytes
Content-Length: 38800
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/js/classie.js

165.231.154.30

200 OK

1.8 kB

URL HTTP/1.1
www.dkfmed.ca/js/classie.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text
Size
1.8 kB (1835 bytes)
Hash
a9df1cfb76ce492afd9d13f3320272fd
782b9564f015a2ec7bdf9c89e238fab9b44bd587
717ad22aa426d024f6c9942949b49d9a20f4239b94dfee34f94c96d8778f2144

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/classie.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2016 17:34:46 GMT
Accept-Ranges: bytes
Content-Length: 1835
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/js/uisearch.js

165.231.154.30

200 OK

6.0 kB

URL HTTP/1.1
www.dkfmed.ca/js/uisearch.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (2051), with CRLF line terminators
Size
6.0 kB (6033 bytes)
Hash
028b2e146eff5f378e21e7fe48131468
af6b54a64da88204e2d2c527c1a941dc17e790e3
86f2854513305e334b86057c752cf3821b72156d1f6aa0fd8132c57bec74d285

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/uisearch.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2016 17:34:46 GMT
Accept-Ranges: bytes
Content-Length: 6033
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/js/jquery-1.7.2.min.js

165.231.154.30

200 OK

158 kB

URL HTTP/1.1
www.dkfmed.ca/js/jquery-1.7.2.min.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (749)
Size
158 kB (157648 bytes)
Hash
6f3d61313966fcd43b0334aa5fad66b9
22b2b120da5b405a348e4abdd865c496625d87ab
f2374ffefd903e49bfa1772a042c1b593e52cd862e6553f538128ab4a58fe5b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Thu, 07 May 2020 17:22:20 GMT
Accept-Ranges: bytes
Content-Length: 157648
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/includes/templates/vuoricanada/js/layer.js

165.231.154.30

200 OK

38 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/js/layer.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (984)
Size
38 kB (37747 bytes)
Hash
f679a433cba7ebde1bbe121fffd8c60c
4d2159e06a5e80328e0ba9554e02fb2422ed0b36
60c2f96124f2970788057614a90229fe470b13f5420e5794d90d73c9e08ce2f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/js/layer.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Tue, 29 Jun 2021 12:47:40 GMT
Accept-Ranges: bytes
Content-Length: 37747
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/includes/templates/vuoricanada/js/re_login.js

165.231.154.30

200 OK

11 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/js/re_login.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
11 kB (10701 bytes)
Hash
9b67116ecba4f7049bfc3237ad5400c8
df1f51ea8d9423d689d8fe8b106e367a81502126
68bcdb504903424438e35c8294d0f1f69daa05026deb95ccdb3d4b7ab1b18acd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/js/re_login.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Fri, 30 Jul 2021 13:53:12 GMT
Accept-Ranges: bytes
Content-Length: 10701
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/js/slick_new.js

165.231.154.30

200 OK

1.9 kB

URL HTTP/1.1
www.dkfmed.ca/js/slick_new.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1859 bytes)
Hash
37192079541f105b380c4d17cb5b1a45
4cf67b7d006b630a2e063acb52740d1b8cfa08c4
faffeb52bd73185450a0e8bad135ac6209a599c01d2247636e29fe4d640557cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/slick_new.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Mon, 27 Dec 2021 12:22:54 GMT
Accept-Ranges: bytes
Content-Length: 1859
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.dkfmed.ca/js/jquery.jxa.js

165.231.154.30

200 OK

2.7 kB

URL HTTP/1.1
www.dkfmed.ca/js/jquery.jxa.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2658 bytes)
Hash
ca643ec9e974f881e4c904db35bc40c7
759df5ef14b4e2c0c46770b5e408f600972294ca
a1e3d7d98e8e9886c1181e7d53ddd4a6ff424a0fff640d1dc4b06757f096e0e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.jxa.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 29 Apr 2020 14:46:06 GMT
Accept-Ranges: bytes
Content-Length: 2658
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.163

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dkfmed.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:36:08 GMT
expires: Fri, 01 Sep 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 517205
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
da05c4b51a3dabf88135becc19f1af52
2c8e928a750eff713ffba9cacff2ee241b22c236
3a718561532594be11fba74ace11458dc337786dacb48c588777120b6916984f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 20:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.dkfmed.ca/images/hoverimg/202203091108418705.png

165.231.154.30

200 OK

2.0 kB

URL HTTP/1.1
www.dkfmed.ca/images/hoverimg/202203091108418705.png
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
PNG image data, 173 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2028 bytes)
Hash
654bbd20df1e1c2eb2c06b4dbe446b22
a02bf96ff11cc3dd35f6f53d40808138157c33c3
4ec087a0087f444089d583f11a6453f468bd2edd9f26759e6fbdf6ac9e4a29bb

HTTP Headers

GET /images/hoverimg/202203091108418705.png HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:08:42 GMT
Accept-Ranges: bytes
Content-Length: 2028
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

www.dkfmed.ca/includes/templates/vuoricanada/images/flag/CAN.png

165.231.154.30

200 OK

373 B

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/images/flag/CAN.png
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
PNG image data, 27 x 17, 8-bit/color RGB, non-interlaced\012- data
Size
373 B (373 bytes)
Hash
5bcefbd3115209dc486a33315fd0adfe
8092f5ffa43e543815386f2956ae80c27f233dcf
42499bcaf81be894215431d16cbcddfea28868095b7d13e4419784e446d99bbf

HTTP Headers

GET /includes/templates/vuoricanada/images/flag/CAN.png HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Sat, 09 Oct 2021 09:02:58 GMT
Accept-Ranges: bytes
Content-Length: 373
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

www.dkfmed.ca/images/hoverimg/20220309954171228.jpg

165.231.154.30

200 OK

166 kB

URL HTTP/1.1
www.dkfmed.ca/images/hoverimg/20220309954171228.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x696, components 3\012- data
Size
166 kB (165770 bytes)
Hash
638ed173780706d9e356dd7d988f8f00
9caceebec287feba5225646ed6081e35ed753969
ffdeaf0085edd16a133a7eacad57db9d3fd0c6a05a8a21fde642de8a95ffda0a

HTTP Headers

GET /images/hoverimg/20220309954171228.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:54:17 GMT
Accept-Ranges: bytes
Content-Length: 165770
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16891
Expires: Thu, 08 Sep 2022 00:57:44 GMT
Date: Wed, 07 Sep 2022 20:16:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12661 bytes)
Hash
79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:38:56 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 77837
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6214 bytes)
Hash
f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:10:03 GMT
age: 54370
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11778 bytes)
Hash
1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 2956f23c-8907-48de-b82a-73da9ae1d75e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYVHnLoAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdce-5d76bbe82dc2823407fe67f3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6tTqfG7yRrMw0cMwiQFlu9XuRzxlK7uzTXL-cAMFmrrDrKL9Rd3zqA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:20 GMT
age: 81293
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3604 bytes)
Hash
932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 31a6c427-a073-4c25-88b1-6ba40a48c359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDrvyGg6oAMFhDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bffe-36dd49416c62f3811167173d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hNtG651fpAOKjZluawZlbXYFfBUojeSyqB9UMRsAg1Ooxc95mudq7A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:27 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 80686
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4805 bytes)
Hash
4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 6db42fa4-5a04-4368-b5cb-ea8f70d83ead
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxSRFp7oAMFb3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2f41-1df42bd2265554de5f47932e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KQ1yb69_uETJJlEIcwsR165zqZuiklGuj3Nn-tyta0e_q8BGqs3cXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:24 GMT
age: 80689
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8462 bytes)
Hash
70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: d75d69c1-87be-47e2-8684-3c9a25edee2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqYpFL-IAMFukQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdd0-1c6d025672cc490734bb54e4;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yzw88Z7aubNEll7UXkvaIWbftL95Y0UDTMnOEh_uhKqWgNycBA9Adw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:22 GMT
age: 81291
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dkfmed.ca/js/jquery.jxb.js

165.231.154.30

200 OK

158 kB

URL HTTP/1.1
www.dkfmed.ca/js/jquery.jxb.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with very long lines (749)
Size
158 kB (157648 bytes)
Hash
6f3d61313966fcd43b0334aa5fad66b9
22b2b120da5b405a348e4abdd865c496625d87ab
f2374ffefd903e49bfa1772a042c1b593e52cd862e6553f538128ab4a58fe5b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.jxb.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Fri, 05 May 2017 19:03:44 GMT
Accept-Ranges: bytes
Content-Length: 157648
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.dkfmed.ca/includes/templates/vuoricanada/js/theme/default/layer.css?v=3.5.0

165.231.154.30

200 OK

17 kB

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/js/theme/default/layer.css?v=3.5.0
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
ASCII text, with CRLF line terminators
Size
17 kB (17360 bytes)
Hash
94ae7c3e6834f7e25a85ff97c2d9cd88
953ea6a358fdbd59f99eef88c93f467a749d27e4
38d12ae4119d3c7ae42cf9ffb240d53b351716c8f44ae4b1acb0f4c15b003eb9

HTTP Headers

GET /includes/templates/vuoricanada/js/theme/default/layer.css?v=3.5.0 HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Tue, 29 Jun 2021 12:47:12 GMT
Accept-Ranges: bytes
Content-Length: 17360
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.dkfmed.ca/images/hoverimg/202203091104517270.jpg

165.231.154.30

200 OK

195 kB

URL HTTP/1.1
www.dkfmed.ca/images/hoverimg/202203091104517270.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1920x980, components 3\012- data
Size
195 kB (194992 bytes)
Hash
7dd94ddb98eacc3a3bf6680250689fef
2e46cbbcee6335ffac57e0969d6ea9a3c2fe7c12
b8a1871fc15a7b773d7900138533fb691d41daa0fabe8a56325a97ed44c1ef4a

HTTP Headers

GET /images/hoverimg/202203091104517270.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:04:52 GMT
Accept-Ranges: bytes
Content-Length: 194992
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Laguna_Lounge_2_0_Pants_Pi-TYUZB-8957.jpg

165.231.154.30

200 OK

25 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Laguna_Lounge_2_0_Pants_Pi-TYUZB-8957.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
25 kB (25235 bytes)
Hash
09ae153a8960db383a1d147c4a986c04
6d7f989f46029b93a04bac327a79bbefc6b8db57
f0d76358cfe86671f36463fa24db63da0e2dfcd132400f8b3af9adc32dd33974

HTTP Headers

GET /images/vuoricanada/Women_s_Vuori_Laguna_Lounge_2_0_Pants_Pi-TYUZB-8957.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:36 GMT
Accept-Ranges: bytes
Content-Length: 25235
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Long_Sleeve_Halo_Crew_Pull-DISZJ-7421.jpg

165.231.154.30

200 OK

28 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Long_Sleeve_Halo_Crew_Pull-DISZJ-7421.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
28 kB (28538 bytes)
Hash
2fefde5c40ae96afb02d86921836c1a3
9825d64a01b278fdffc061ee151e02ea23147273
b118a3a2e56658ad5210870cd5458e4a2e131a5cec5644d49503648551f9e5f6

HTTP Headers

GET /images/vuoricanada/Women_s_Vuori_Long_Sleeve_Halo_Crew_Pull-DISZJ-7421.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:20:50 GMT
Accept-Ranges: bytes
Content-Length: 28538
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Alpine_Sherpa_Jacke-TXFVH-1063.jpg

165.231.154.30

200 OK

39 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Alpine_Sherpa_Jacke-TXFVH-1063.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
39 kB (38862 bytes)
Hash
8120bdc9b3fb5aa8ce2ec102d702ee39
13d745f7999c5bc8c855b67167dda3d40342bda0
1b872490fa09ad431e2a0707e2431e08d93eb02f132a9905d478a71722e97fc0

HTTP Headers

GET /images/vuoricanada/Women_s_Vuori_Womens_Alpine_Sherpa_Jacke-TXFVH-1063.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:20:58 GMT
Accept-Ranges: bytes
Content-Length: 38862
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Pants_Red_-GQTYP-1527.jpg

165.231.154.30

200 OK

29 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Pants_Red_-GQTYP-1527.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
29 kB (29212 bytes)
Hash
73b7c5c7448de1e491481b698aad0c56
ca450bd0159875d61b2a0049abce9db6d88b1a72
87f21d5bfd1d10a9313ce5190858cfe4dabe8d1f267a1cbbe2f3e3a05dceb740

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Ponto_Performance_Pants_Red_-GQTYP-1527.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:26 GMT
Accept-Ranges: bytes
Content-Length: 29212
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/hoverimg/202203091105312562.jpg

165.231.154.30

200 OK

178 kB

URL HTTP/1.1
www.dkfmed.ca/images/hoverimg/202203091105312562.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x696, components 3\012- data
Size
178 kB (177952 bytes)
Hash
c5190a3b596161c02c7590a728c20781
ad587325c442b079de8c24f9731fedd66537ede4
cc2ad9d54326153e92a37f7f0429be6f18e454b4c26ecdb62a5b5c096466af9d

HTTP Headers

GET /images/hoverimg/202203091105312562.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:05:32 GMT
Accept-Ranges: bytes
Content-Length: 177952
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/hoverimg/202203091105314189.jpg

165.231.154.30

200 OK

192 kB

URL HTTP/1.1
www.dkfmed.ca/images/hoverimg/202203091105314189.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x696, components 3\012- data
Size
192 kB (191586 bytes)
Hash
15103e776b16b67c3dac8f887c84cb17
43b5d3c6c57fdc20ab7a5c85068163432955e7d8
4e0b3a2d325047a81f99161b1416dd129da77607864b3a99d17834625e623f56

HTTP Headers

GET /images/hoverimg/202203091105314189.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 08:05:32 GMT
Accept-Ranges: bytes
Content-Length: 191586
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aim_Pants_Blue_XDUOT_1904-XDUOT-1904.jpg

165.231.154.30

200 OK

22 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aim_Pants_Blue_XDUOT_1904-XDUOT-1904.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
22 kB (21655 bytes)
Hash
c01240f54cb89db26f66bfac5206f8e4
8992c4bc7c2199130e72b8bd72a0068352a23c90
ca9af69531b48044b7941f470bd46743f796665ec7dfe66dcf149922bae4c3d3

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Aim_Pants_Blue_XDUOT_1904-XDUOT-1904.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:14 GMT
Accept-Ranges: bytes
Content-Length: 21655
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Austin_Henley_Pullover_Grey_-KLAZQ-1802.jpg

165.231.154.30

200 OK

56 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Austin_Henley_Pullover_Grey_-KLAZQ-1802.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
56 kB (55627 bytes)
Hash
3a2835c430415795b17afe8691366b7f
7a41bd8e41d3a49241bfa0d724ad70c501b40a9d
9f757d599cdafdbd2b442fc9b35135cb7592bbbf5fb49c6d629b7a460cbd6a29

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Austin_Henley_Pullover_Grey_-KLAZQ-1802.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:04 GMT
Accept-Ranges: bytes
Content-Length: 55627
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Cove_Tanks_Grey_JVHUR_42-JVHUR-4236.jpg

165.231.154.30

200 OK

32 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Cove_Tanks_Grey_JVHUR_42-JVHUR-4236.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
32 kB (32215 bytes)
Hash
1b29ed64187557ac2d1386e6be87dbee
19d3235edf231cc9bc0adf0553a833eae9ddfce2
ef3eec5b7783386566405c361d3b8c7b9ddb2e687ab6704539c4d3c9079f0e83

HTTP Headers

GET /images/vuoricanada/Women_s_Vuori_Cove_Tanks_Grey_JVHUR_42-JVHUR-4236.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:20 GMT
Accept-Ranges: bytes
Content-Length: 32215
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Aspire_Elevation_Shorty_Sh-MFHTR-5910.jpg

165.231.154.30

200 OK

30 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Aspire_Elevation_Shorty_Sh-MFHTR-5910.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
30 kB (29717 bytes)
Hash
37a0691e95018842d952814102c65ea3
f573087eea46cdb5724f60742677d3fa32c2166a
3d8410e5660050f039ea6bb75e21247121e81d32a6910543f01e5e23189c7f4b

HTTP Headers

GET /images/vuoricanada/Women_s_Vuori_Aspire_Elevation_Shorty_Sh-MFHTR-5910.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:06 GMT
Accept-Ranges: bytes
Content-Length: 29717
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ripstop_Traveler_Pants_Black-HKNFI-4960.jpg

165.231.154.30

200 OK

24 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ripstop_Traveler_Pants_Black-HKNFI-4960.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
24 kB (24035 bytes)
Hash
bdedf05d51af7b6b5fe9d467bbd50ebe
8d9fb55aea51ef75a5785c14dea1c609b0105001
9c39f20c23b77fc467c2bd321f71c33d817b65dcfa089ac6c7bb71733cf97a32

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Ripstop_Traveler_Pants_Black-HKNFI-4960.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:22 GMT
Accept-Ranges: bytes
Content-Length: 24035
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Zephyr_Muscle_Tanks_Blue_N-NBJGH-4013.jpg

165.231.154.30

200 OK

37 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Zephyr_Muscle_Tanks_Blue_N-NBJGH-4013.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
37 kB (36609 bytes)
Hash
34e02e1195c84bb65df6e5a42d2bcd68
e286c32b895167c34fe8aae100bd918624a21513
2b5e99b83798420c066f4b64d635432075e2560535896c727b603d3477f8b4a6

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Zephyr_Muscle_Tanks_Blue_N-NBJGH-4013.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:50 GMT
Accept-Ranges: bytes
Content-Length: 36609
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Springs_Rain_Jackets_Black_-URSMC-8746.jpg

165.231.154.30

200 OK

28 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Springs_Rain_Jackets_Black_-URSMC-8746.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
28 kB (28209 bytes)
Hash
7c62a8dc2d5e51fba586a06294b8903e
59d705346ae5cdcc39a17deffecb3c59de7d03e8
012911633095536e4af6e0ff5e32ba4b001db71c1db3f8df67c45b7ea5672bff

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Springs_Rain_Jackets_Black_-URSMC-8746.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:30 GMT
Accept-Ranges: bytes
Content-Length: 28209
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Vital_Crew_Pullover_Grey_L-LIAWS-9076.jpg

165.231.154.30

200 OK

28 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Vital_Crew_Pullover_Grey_L-LIAWS-9076.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
28 kB (28316 bytes)
Hash
3f6e9ad4795c84e1687b11d616dc5067
f438ddcfe86aeb777fd30b12ba95895175522acb
58bbdd6df2166139e094b67a876afe966696972e6ed4769d7ecf68643c74bfe9

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Vital_Crew_Pullover_Grey_L-LIAWS-9076.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:12 GMT
Accept-Ranges: bytes
Content-Length: 28316
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Tradewind_Performance_Tee_Pu-KOTEW-7296.jpg

165.231.154.30

200 OK

54 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Tradewind_Performance_Tee_Pu-KOTEW-7296.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
54 kB (54372 bytes)
Hash
43ff70f7138e5bd89fe983f4687d152f
0fdaece4666f9553e7bc60894d3224af39d3e2fa
3ef0c4d5883f3fdfd779991f85cd692925be80a8155ed8fc0510e59f8e7b0db3

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Tradewind_Performance_Tee_Pu-KOTEW-7296.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:00 GMT
Accept-Ranges: bytes
Content-Length: 54372
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Ripstop_Pants_Green-GOEXH-3460.jpg

165.231.154.30

200 OK

29 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Womens_Ripstop_Pants_Green-GOEXH-3460.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
29 kB (29040 bytes)
Hash
946b26c7a789ed08f05c46aa81f9b51d
1317415c3c0fa6619d62ff3a75e5a14a6851e5b7
d57aa3bcc9da67c442002409469db16b8ff463e0d92ed54f0b5167fc6de9fa2a

HTTP Headers

GET /images/vuoricanada/Women_s_Vuori_Womens_Ripstop_Pants_Green-GOEXH-3460.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:10 GMT
Accept-Ranges: bytes
Content-Length: 29040
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/api/country

165.231.154.30

200 OK

110 kB

URL HTTP/1.1
www.dkfmed.ca/api/country
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
110 kB (109930 bytes)
Hash
09889b2376c2e35c09c677d776b27e59
7ec15818b6e8c9e7a0583cc9f0322983072c373c
6100955edd4b70f39aed0e5fad4ed2541ba82cdf3c404decb29b3e13d2d54a49

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /api/country HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 07-Oct-2022 20:16:13 GMT; Max-Age=2592000; path=/
zenid=qut8jof0nfl85penpe89biq1v3; path=/; HttpOnly
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Kore_Shorts_Blue_CZGIE_860-CZGIE-8607.jpg

165.231.154.30

200 OK

44 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Kore_Shorts_Blue_CZGIE_860-CZGIE-8607.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
44 kB (43807 bytes)
Hash
d6b7924f022d3ca0eb6b2ce786608a5e
7498c9f8f44d563e3822ece81c1bb2685c152b6c
e7ca1f8cca54be32cc3485f7612f3865f4e2cef51bc9c5e6a3d933118e796518

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Kore_Shorts_Blue_CZGIE_860-CZGIE-8607.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:46 GMT
Accept-Ranges: bytes
Content-Length: 43807
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Crew_Pullo-TJCVQ-9148.jpg

165.231.154.30

200 OK

43 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ponto_Performance_Crew_Pullo-TJCVQ-9148.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
43 kB (43096 bytes)
Hash
d3510f34498f4d628c887884c5a5efd2
ded8fab51b5452495b7f137319b0ae7447c43520
70d59b041fd1d880573e3a714bad0fd660eda45e55065d1047fd36e3b7ccd3c1

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Ponto_Performance_Crew_Pullo-TJCVQ-9148.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:08 GMT
Accept-Ranges: bytes
Content-Length: 43096
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Dad_Hat_Orange_FWHCZ_7938-FWHCZ-7938.jpg

165.231.154.30

200 OK

33 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Dad_Hat_Orange_FWHCZ_7938-FWHCZ-7938.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
33 kB (32811 bytes)
Hash
cc3da093ef3fad80ba91dbf6707869bf
7e03d034b5705d21665b0ff7d303766e9dfc0e07
215c87b0e0bc9a75d878d6d71a97a1924d763fa0eb773e73e17bed3b013a1de3

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Dad_Hat_Orange_FWHCZ_7938-FWHCZ-7938.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:23:16 GMT
Accept-Ranges: bytes
Content-Length: 32811
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ace_Tee_Grey_TMJUY_3708-TMJUY-3708.jpg

165.231.154.30

200 OK

31 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Ace_Tee_Grey_TMJUY_3708-TMJUY-3708.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
31 kB (30841 bytes)
Hash
effdf420afdd2bfbde60e3dc13e64f33
9deb3ebcddfbedc652bd1a80cc3d5db9c6df1926
e79f4e8bb8dca30ee56f4bf5021c6952315564d4a17ffa7c82a2a3eda77a95a3

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Ace_Tee_Grey_TMJUY_3708-TMJUY-3708.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:22:12 GMT
Accept-Ranges: bytes
Content-Length: 30841
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aspen_Shirt_Jackets_Blue_W-WKLNZ-2503.jpg

165.231.154.30

200 OK

36 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Men_s_Vuori_Aspen_Shirt_Jackets_Blue_W-WKLNZ-2503.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
36 kB (36324 bytes)
Hash
aa5834b1c10910c407b2d5bf66df7798
d737763ae5bcb3737ac5beaf0694b27b6e75d687
8bc994316ccc7bcfd45e65db477fadcd2d953379c26b3a740cd3189c51f4c499

HTTP Headers

GET /images/vuoricanada/Men_s_Vuori_Aspen_Shirt_Jackets_Blue_W-WKLNZ-2503.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:20 GMT
Accept-Ranges: bytes
Content-Length: 36324
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Beach_Hoodie_Camo_Pink_-KOFRL-7103.jpg

165.231.154.30

200 OK

30 kB

URL HTTP/1.1
www.dkfmed.ca/images/vuoricanada/Women_s_Vuori_Beach_Hoodie_Camo_Pink_-KOFRL-7103.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 550x550, components 3\012- data
Size
30 kB (30480 bytes)
Hash
b3b77bf056a2aaa4f96ca47f7469870b
0b25afbd7805ac5a654591916c84dd847f58209c
5602721d53aa06125c28c3b4c8bfde5ce612bd7ac7a2b5149b8085f4d6bc0851

HTTP Headers

GET /images/vuoricanada/Women_s_Vuori_Beach_Hoodie_Camo_Pink_-KOFRL-7103.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 07:21:14 GMT
Accept-Ranges: bytes
Content-Length: 30480
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/favicon.ico

165.231.154.30

200 OK

1.1 kB

URL HTTP/1.1
www.dkfmed.ca/favicon.ico
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type
PNG image data, 32 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1054 bytes)
Hash
1350a6ec3e6067a3b9f1d89d78868b80
346d1c2f5a8ceb1c3dad1e8a1843b0132b660281
1ed203337774398ea2bca717fe9a361346739d1f4931d4596f97445347774991

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session; zenid=qut8jof0nfl85penpe89biq1v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:14 GMT
Server: Apache
Last-Modified: Mon, 07 Mar 2022 11:25:52 GMT
Accept-Ranges: bytes
Content-Length: 1054
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/x-icon

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8756 bytes)
Hash
44ee4c9bd1e550045d69f24ad511070c
3bf0d51801523d7014ac76b5ab90c989fc7a770f
ee48c13050faa498f79222216f9c71b20b3a4e5e8e5c59c7156c276ab942703c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0800dbf4-64cd-48ab-95cc-48192d2f25f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8756
x-amzn-requestid: d48113bc-fe40-4d59-b700-194b1092ab67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqmxQEbVoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630db807-14ff6f5b0ffb9a7f08e57906;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 07:11:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YKs0giofWi83MnLBqx6zAu1NGd_A9-l6y2pULUBn2RK0-H3KNRzrUg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 16:00:00 GMT
age: 15380
etag: "3bf0d51801523d7014ac76b5ab90c989fc7a770f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js

165.231.154.30

200 OK

0 B

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/vuoricanada/jscript/jscript_2.2.0.min.js HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:12 GMT
Server: Apache
Last-Modified: Fri, 24 Jul 2020 18:30:22 GMT
Accept-Ranges: bytes
Content-Length: 142713
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Sep 2022 20:16:12 GMT
date: Wed, 07 Sep 2022 20:16:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.dkfmed.ca/images/hoverimg/20220309954177508.jpg

165.231.154.30

200 OK

0 B

URL HTTP/1.1
www.dkfmed.ca/images/hoverimg/20220309954177508.jpg
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/hoverimg/20220309954177508.jpg HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Last-Modified: Wed, 09 Mar 2022 09:54:17 GMT
Accept-Ranges: bytes
Content-Length: 195844
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

www.dkfmed.ca/includes/templates/vuoricanada/css/ajax-loader.gif

165.231.154.30

404 Not Found

0 B

URL HTTP/1.1
www.dkfmed.ca/includes/templates/vuoricanada/css/ajax-loader.gif
IP
165.231.154.30:0
ASN
#58065 Packet Exchange Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /includes/templates/vuoricanada/css/ajax-loader.gif HTTP/1.1
Host: www.dkfmed.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dkfmed.ca/includes/templates/vuoricanada/css/stylesheet_slick.css
Cookie: cookie_test=please_accept_for_session
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 07 Sep 2022 20:16:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: cookie_test=please_accept_for_session; expires=Fri, 07-Oct-2022 20:16:13 GMT; Max-Age=2592000; path=/
zenid=3o3r7g7evpbmkbf6v1qibpj8q6; path=/; HttpOnly
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP