demo2.jovenesvip.com/
38.242.238.22301 Moved Permanently 162 B IP 38.242.238.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 18 Jan 2023 07:17:09 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://demo2.jovenesvip.com/
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6433
Expires: Wed, 18 Jan 2023 09:04:23 GMT
Date: Wed, 18 Jan 2023 07:17:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10595
Expires: Wed, 18 Jan 2023 10:13:45 GMT
Date: Wed, 18 Jan 2023 07:17:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d38f4bb41e1264b8a1e11ff0b1499d20
21c3e36bd908df43e0d49b747e270ec75cb882b0
3ff822eb56d2218ad6244fd013a82e0d27450ae21d47e08f1e3fdf4c82a8aad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF822EB56D2218AD6244FD013A82E0D27450AE21D47E08F1E3FDF4C82A8AAD7"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3724
Expires: Wed, 18 Jan 2023 08:19:14 GMT
Date: Wed, 18 Jan 2023 07:17:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 06:49:19 GMT
content-type: application/json
age: 1671
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +5BVV9RHCRd16rqVtp4YjSc+a5IASpVv3mg3QQDZIXTVOCZtTH7wbwCLgHswH7qbnfCaqDCv1xo=
x-amz-request-id: 0R0XH1MQ0CQCXGA4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 06:45:18 GMT
age: 1912
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:10 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 06:17:25 GMT
age: 3585
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 155
Cache-Control: max-age=93134
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 07:17:10 GMT
Etag: "63c66529-1d7"
Expires: Thu, 19 Jan 2023 09:09:24 GMT
Last-Modified: Tue, 17 Jan 2023 09:06:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.45.85101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.45.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SJhh5HiTjrTnpS4nTeuP/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tEzYZI9qc14j3emt6M3QXez06co=
demo2.jovenesvip.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.3
38.242.238.22200 OK 299 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.3
IP 38.242.238.22:0
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.0.3 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
content-length: 299
x-accel-version: 0.01
last-modified: Thu, 31 Mar 2022 21:38:28 GMT
etag: "2b5-5db8a7b8ef9dd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
172.217.21.163200 OK 471 B IP 172.217.21.163:0
Hash 2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 07:17:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
172.217.21.163200 OK 471 B IP 172.217.21.163:0
Hash 2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 07:17:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
172.217.21.163200 OK 472 B IP 172.217.21.163:0
Hash 43904744042cec16f81766250b8ebf49
8393568a2e9c86dafc36563c76703704c7cd86c6
d2359c7cce5176a68cd627ba7e39dfceff78036c6840cd468994df8519f1fb27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 07:17:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Fira+Sans%3A500%2C700%2C300%2Cregular%7CCrimson+Text%3Aregular%2C600%7CRoboto%3A100%2C500%2Citalic%2C500italic%7CMerriweather%3A700%2C300%2C300italic%7CMontserrat%3Aregular%2Citalic%2C700%2C700italic%7CPlayfair+Display%3Aregular&subset=cyrillic%2Clatin%2Cvietnamese&ver=6.0.3
142.250.74.106200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Fira+Sans%3A500%2C700%2C300%2Cregular%7CCrimson+Text%3Aregular%2C600%7CRoboto%3A100%2C500%2Citalic%2C500italic%7CMerriweather%3A700%2C300%2C300italic%7CMontserrat%3Aregular%2Citalic%2C700%2C700italic%7CPlayfair+Display%3Aregular&subset=cyrillic%2Clatin%2Cvietnamese&ver=6.0.3
IP 142.250.74.106:0
Hash 21298daf1bfa70320cfe57833754eef9
f1df881efe314a4c5b0ea0e8d1d56ed8af6fdb65
1d8bec3040e36fcddb515a73bc87822890a7e1ea134e611e5ba6e064bcd1fb37
GET /css?family=Fira+Sans%3A500%2C700%2C300%2Cregular%7CCrimson+Text%3Aregular%2C600%7CRoboto%3A100%2C500%2Citalic%2C500italic%7CMerriweather%3A700%2C300%2C300italic%7CMontserrat%3Aregular%2Citalic%2C700%2C700italic%7CPlayfair+Display%3Aregular&subset=cyrillic%2Clatin%2Cvietnamese&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Jan 2023 07:17:11 GMT
date: Wed, 18 Jan 2023 07:17:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=20.6
38.242.238.22200 OK 414 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=20.6
IP 38.242.238.22:0
Hash 5e969a4415897775483f015c0c15e0fc
3d51a7a1ff14eb2250d296424d5454391f8471cf
5ead375701abdfb5ddbf68acf5911474320cfe5cda2c30d5edd46d3658de1c24
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/jquery.hammer.min.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
content-length: 414
x-accel-version: 0.01
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
etag: "3db-5d879e75fda61-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-includes/js/tinymce/skins/lightgray/img/loader.gif
38.242.238.22200 OK 2.6 kB URL HTTP/2 demo2.jovenesvip.com/wp-includes/js/tinymce/skins/lightgray/img/loader.gif
IP 38.242.238.22:0
File type GIF image data, version 89a, 31 x 31\012- data
Hash 394bafc3cc4dfb3a0ee48c1f54669539
5640ea4d0eba1c390f587ec69463c9a5196b7fa2
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
GET /wp-includes/js/tinymce/skins/lightgray/img/loader.gif HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: image/gif
content-length: 2608
last-modified: Wed, 10 Nov 2021 22:36:20 GMT
etag: "618c4964-a30"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
38.242.238.22200 OK 4.5 kB URL HTTP/2 demo2.jovenesvip.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 38.242.238.22:0
File type ASCII text, with very long lines (11126)
Hash 360c443163df27a567d413af1af75005
30e84b50a0c374c3412e8b32ee008120fcafc530
3f73d18c09bee35e4edaee3963bd4cae505e11a6f75f63de87fb62cefa786e3f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:44 GMT
vary: Accept-Encoding
etag: W/"6212b46c-2bd8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-child/js/custom.js?ver=1.0.4
38.242.238.22200 OK 103 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-child/js/custom.js?ver=1.0.4
IP 38.242.238.22:0
Hash be4aed23dd00e9a6cbe382d89801b46f
c55e64517a043496a8d7514c6e604321dd4ae7c3
d3aff08c1ffe02d0290e17b0c7330e9e45bb52fdb697b3397824253835154dd3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-child/js/custom.js?ver=1.0.4 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
content-length: 103
x-accel-version: 0.01
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
etag: "55-5d076dab24bd5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/uploads/the-core-style.css?ver=1648765875
38.242.238.22200 OK 69 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/uploads/the-core-style.css?ver=1648765875
IP 38.242.238.22:0
File type assembler source, ASCII text, with very long lines (683)
Hash 96b10a6d7530b5073cf7db1e8d6e91b8
cf234d51a75352d2f1c17280f6e142c4ae02a3bb
4357887bcb1fa8927b731cd938e71dc91bfce7acc939c56e0fb114c2e7b7a33c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/the-core-style.css?ver=1648765875 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Thu, 31 Mar 2022 22:31:15 GMT
vary: Accept-Encoding
etag: W/"62462bb3-8cf13"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/es_ES.png
38.242.238.22200 OK 325 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/translatepress-multilingual/assets/images/flags/es_ES.png
IP 38.242.238.22:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 9b97d011997079fde3d813ed3f24875e
25a4e0e4162842272fa003d2bdfc93c14f1d2682
f71e440bd8074d59686f35d87b824c16f5310a34bab7fb017b0178bd726e35d3
GET /wp-content/plugins/translatepress-multilingual/assets/images/flags/es_ES.png HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: image/png
content-length: 325
x-accel-version: 0.01
last-modified: Thu, 31 Mar 2022 21:38:43 GMT
etag: "145-5db8a7c6cb6ed"
accept-ranges: bytes
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/selectize.min.js?ver=1.0.42
38.242.238.22200 OK 13 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/selectize.min.js?ver=1.0.42
IP 38.242.238.22:0
File type Unicode text, UTF-8 text, with very long lines (32247)
Hash e63da64264b3e3be5294f094b88dec0b
d4889777f52a12b9921dafb17834ac6e036031d4
d5df441f21942fe62af9e733df7668542040f394158a501316603d43b7d13988
GET /wp-content/themes/the-core-parent/js/selectize.min.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-9be8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.1
38.242.238.22200 OK 4.6 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.1
IP 38.242.238.22:0
Hash 2acd77cef26c3d5ffe86c16b8293ada1
fbfba3b8eb2bc8d6bf9651ee537fa94660c78a75
59beb73ce926593086d31b265994f0832bb1e7fa5c13c2592922c3055af54301
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.1 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Thu, 31 Mar 2022 21:45:11 GMT
vary: Accept-Encoding
etag: W/"624620e7-6a71"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-child/style.css?ver=1.0.42
38.242.238.22200 OK 16 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-child/style.css?ver=1.0.42
IP 38.242.238.22:0
File type HTML document, ASCII text, with very long lines (431)
Hash 8a82e81c71fce4963c76f9fc76880b45
f348e7fb448687510cf229382df6ba61a4358705
8b07df185a6a68765f5ecd63d8e23d79b3025c6b96e075af0c573a600fa4d8ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-child/style.css?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-490"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100
142.250.74.106200 OK 63 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100
IP 142.250.74.106:0
Hash 4065b90c68c779b2913f038bd51cce4d
ae79ee719f8355ff99602865841246ed18f09913
cd1eab0c5358e0271dd44326a6410d908205664f8a76fa43857c02f6ca8243ad
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Jan 2023 07:17:11 GMT
date: Wed, 18 Jan 2023 07:17:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.carouFredSel-6.2.1-packed.js?ver=1.0.42
38.242.238.22200 OK 14 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.carouFredSel-6.2.1-packed.js?ver=1.0.42
IP 38.242.238.22:0
File type ASCII text, with very long lines (32032)
Hash c59574cfcdf0db302aabdbf3ed912f35
dc44dbde106e7ef2edae58fe8a0e2714aeaafe4c
6db5e331d9cf2eb2300325286768c0ea070d41844292221bb6e1e5edd3fa538d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/jquery.carouFredSel-6.2.1-packed.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-d5fc"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/general.js?ver=1.0.42
38.242.238.22200 OK 11 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/general.js?ver=1.0.42
IP 38.242.238.22:0
File type ASCII text, with very long lines (630)
Hash a46b34d3e62a62fef1a5ac7181ac9483
21639877cd15dddeab7d0abdcd9e710e7411b237
17885a8d39e37198d941cae51ed5e02b247bc764ae54dd50021c6cb800c65937
GET /wp-content/themes/the-core-parent/js/general.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-c93a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
38.242.238.22200 OK 10 kB URL HTTP/2 demo2.jovenesvip.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 38.242.238.22:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash bf652f13efe7bc95d44fec33038e6fa4
3eb65f8d77778fe3eb4e22f171c991ca669733bc
3be475a04f3443b3a36d067527bf95cd353e8ee37c8204ce1a8d88e8283477cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:13:32 GMT
vary: Accept-Encoding
etag: W/"6305f9cc-50eb"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=20.6
38.242.238.22200 OK 63 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=20.6
IP 38.242.238.22:0
File type Unicode text, UTF-8 text, with very long lines (35190), with NEL line terminators
Hash 2fbc328633f88aaa40af8b03de200f16
74ee54fcec39672e1bb7476f863a1e93476aaf23
07729e5807d9b001d1b683f2aa49712b0574ee2a8d085402914ec8306f30cd42
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/bookly.min.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-2281e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
216.58.207.227200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Hash a95e391373ad634c3b7dbaf77de3f40e
ddc4638bc28c21a400fcd2df94448743f198a257
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.jovenesvip.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 15:34:17 GMT
expires: Wed, 17 Jan 2024 15:34:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
content-type: font/woff2
age: 56575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/js/group-all.js?ver=2.4.4
38.242.238.22200 OK 77 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/js/group-all.js?ver=2.4.4
IP 38.242.238.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a2226e378b815f7f644ccb1d247baada
fff8ab48b0736f26c9c00c26819df5bd1fae2e01
afd587ffbb2036d101bfc625b25ffdbdb1b59693048420f62ba0d19b623742f3
GET /wp-content/plugins/brizy/public/editor-build/240-wp/editor/js/group-all.js?ver=2.4.4 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:12:46 GMT
vary: Accept-Encoding
etag: W/"6305f99e-39b3c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.jovenesvip.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:04:45 GMT
expires: Wed, 17 Jan 2024 18:04:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
age: 47547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/lib/modernizr.min.js?ver=1.0.42
38.242.238.22200 OK 27 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/lib/modernizr.min.js?ver=1.0.42
IP 38.242.238.22:0
File type HTML document, ASCII text, with very long lines (12671)
Hash 91b2da5f704c74e48a91f1597838cdb9
d233c85cd47256a8b07fef760cc18209b7fcfdae
4378fe427489900990a11e0495a55ab02eabc6a0a8d7e2708a62e0540a8ce7db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/lib/modernizr.min.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-340a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.1
38.242.238.22200 OK 7.6 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.1
IP 38.242.238.22:0
Hash 950d0d9223fdc65eb116148e53950819
e4ac624246d5bf3b0d95d2ab55ee26bc5e909db9
0a52a940b4cd2fccc41b1eabaad473e779f124e8ad71e27c10776f040f7f235a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.1 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Thu, 31 Mar 2022 21:45:11 GMT
vary: Accept-Encoding
etag: W/"624620e7-88fd"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.jovenesvip.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 07:51:59 GMT
expires: Thu, 11 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 602713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/css/group-all.css?ver=2.4.4
38.242.238.22200 OK 11 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/css/group-all.css?ver=2.4.4
IP 38.242.238.22:0
File type ASCII text, with very long lines (600)
Hash f02b1328aae5675d966aa454f76b32df
7c21ee78c05201c4b028c973e4b46602b68dfa4b
90e32064925613359fcb4b653109d4f81e8967e741f72c5bc62ee02400358845
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/brizy/public/editor-build/240-wp/editor/css/group-all.css?ver=2.4.4 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 10:12:45 GMT
vary: Accept-Encoding
etag: W/"6305f99d-1e098"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.jovenesvip.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 13:09:06 GMT
expires: Wed, 17 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 65286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=20.6
38.242.238.22200 OK 18 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=20.6
IP 38.242.238.22:0
File type ASCII text, with very long lines (4247)
Hash 4ab5c795801fd36f8e19ec945513f4ed
a884564979d218cb15cdc1ec437713072ef8811c
2600a5e0bea426d329d03289c72da5e8d78505e7d739d775f0007495e96de1af
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/spin.min.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-10b5"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=20.6
38.242.238.22200 OK 28 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=20.6
IP 38.242.238.22:0
File type ASCII text, with very long lines (8031)
Hash fd23e5cafc0aeaeb8f107e83bb744135
be62f0ec878fcdc51707eb2bd17a72c302999dac
caac4f4aad96987968fb2d778f50d98d3f3d371ea41e600023ef7981b850b735
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-1fee"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrA6Qif4VFk.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrA6Qif4VFk.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23552, version 1.0\012- data
Hash 4bbf5e384d6b06f7db8b753560992cc1
68dfe3e551c3af43ccd94272d73882adba0ddb94
ad6de69fb78ef34006b189a8b1ace7b398ffbde8ec15833cbeeaa0a728f6587e
GET /s/firasans/v16/va9f4kDNxMZdWfMOD5VvkrA6Qif4VFk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.jovenesvip.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 23:56:16 GMT
expires: Wed, 17 Jan 2024 23:56:16 GMT
cache-control: public, max-age=31536000
age: 26456
last-modified: Thu, 21 Apr 2022 16:54:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demo2.jovenesvip.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 07:01:24 GMT
expires: Wed, 17 Jan 2024 07:01:24 GMT
cache-control: public, max-age=31536000
age: 87348
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/uploads/2019/09/nice-3348726_960_720.jpg
38.242.238.22200 OK 34 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/uploads/2019/09/nice-3348726_960_720.jpg
IP 38.242.238.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x533, components 1\012- data
Hash 7c63e455dcbc254fb715116a0e33a214
612d7bae28888d4ba31c0119856fe932202b194f
3012447e354103452fee3c0a4024479620847712f5cd5aa2877720cebcd9ac11
GET /wp-content/uploads/2019/09/nice-3348726_960_720.jpg HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:12 GMT
content-type: image/jpeg
content-length: 34221
last-modified: Wed, 10 Nov 2021 22:36:18 GMT
etag: "618c4962-85ad"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/uploads/2019/09/summerfield-336672_1920.jpg
38.242.238.22200 OK 38 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/uploads/2019/09/summerfield-336672_1920.jpg
IP 38.242.238.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x531, components 3\012- data
Hash c56e64aa1b7c8c96af5c8d38d6d889c2
6129c04ef3a4922a6626c683a72de39b6e12ebd2
6716a58461ca2d2f271a22ff54aa643ebcadf861bdbf88f637d8ff5a720d51c5
GET /wp-content/uploads/2019/09/summerfield-336672_1920.jpg HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:12 GMT
content-type: image/jpeg
content-length: 38118
last-modified: Wed, 10 Nov 2021 22:36:18 GMT
etag: "618c4962-94e6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/css/preview.css?ver=2.4.4
38.242.238.22200 OK 26 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/css/preview.css?ver=2.4.4
IP 38.242.238.22:0
Hash 381f67c71e5acdc95943bb853ee8a802
70221b2f172a49df51d6952c58ccfe961c576c35
338224d11238e49797f90e1c456f428cfa29f1aea4549e88bb033de035a27450
GET /wp-content/plugins/brizy/public/editor-build/240-wp/editor/css/preview.css?ver=2.4.4 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 10:12:45 GMT
vary: Accept-Encoding
etag: W/"6305f99d-3b8b4"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/prettyPhoto.css?ver=1.0.42
38.242.238.22200 OK 3.1 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/prettyPhoto.css?ver=1.0.42
IP 38.242.238.22:0
File type ASCII text, with very long lines (402)
Hash cbe9031e1db6249733753c7a8715e83f
69e043942e53a7d10126944e8a4d409326705db2
9a7c35a5b0d0b1e868024c22dbf518d755e2db1899244af81d67a3f1098958b3
GET /wp-content/themes/the-core-parent/css/prettyPhoto.css?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-4dca"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/style.css?ver=6.0.3
38.242.238.22200 OK 1.5 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/style.css?ver=6.0.3
IP 38.242.238.22:0
File type HTML document, ASCII text, with very long lines (356)
Hash b24abfd3341df5b080a73afea1822b99
4e383d9afea8af5bf249b834f007eaeada78156c
75b82627831db2d89ecab45a3a0b9d6c0078e1fc6365ddc9c387c190404b0e2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/style.css?ver=6.0.3 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-8be"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/uploads/2019/09/BILLETES.jpg
38.242.238.22200 OK 39 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/uploads/2019/09/BILLETES.jpg
IP 38.242.238.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x449, components 3\012- data
Hash 6d390595b1b27d47279dfe1208a80b29
144b83a4a847fe460a27aed987c4df8e3283f241
703b2f64b2d464be932ca2188842d30fea24c2134882d6c73ba88d0df4cda0e1
GET /wp-content/uploads/2019/09/BILLETES.jpg HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:12 GMT
content-type: image/jpeg
content-length: 38753
last-modified: Wed, 10 Nov 2021 22:36:18 GMT
etag: "618c4962-9761"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/js/preview.js?ver=2.4.4
38.242.238.22200 OK 78 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/brizy/public/editor-build/240-wp/editor/js/preview.js?ver=2.4.4
IP 38.242.238.22:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 5d8321b7deca2aa0ed7c151ab70a9deb
73b2efe5efb90505be44df96562ca1efbff13a4a
e62d89843c316c96b2903b23fe92a4b15fcaab9eac2fe68bfd04ee69446e2430
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/brizy/public/editor-build/240-wp/editor/js/preview.js?ver=2.4.4 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:12:46 GMT
vary: Accept-Encoding
etag: W/"6305f99e-2cd09"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 160148de-85b1-4456-a580-e079f391f979
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A0gErTIAMF_eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714e9-52efcd642bd209373b16cf72;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ARZobaKhEsHSEJdma3SXwCn_IKwRJaDbgjHfq_p_0HypKFWoqJIOJw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:52:59 GMT
age: 33853
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/uploads/2019/09/descarga.jpeg
38.242.238.22200 OK 24 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/uploads/2019/09/descarga.jpeg
IP 38.242.238.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x476, components 3\012- data
Hash f4cba421aa61a0f44ccc3e8233aafde9
aad20953e674f3a1d0c5b91e8da46b68e54c1d43
1a82fa7b77509ef32bf57c1ca3eceff53d614867dd6b618b96842464f97b3143
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2019/09/descarga.jpeg HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:12 GMT
content-type: image/jpeg
content-length: 23714
last-modified: Wed, 10 Nov 2021 22:36:18 GMT
etag: "618c4962-5ca2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.mmenu.min.all.js?ver=1.0.42
38.242.238.22200 OK 351 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.mmenu.min.all.js?ver=1.0.42
IP 38.242.238.22:0
File type ASCII text, with very long lines (9669)
Size 351 kB (351356 bytes)
Hash 82d8fd3e574386425ce73791a5fdce51
935e80fd06027b7f752141611cc7caf3f7e3e633
4662acea5544254ed51e6735078f6277bd4539fde9bc516168c4bb7193688d78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/jquery.mmenu.min.all.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-8c1a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=20.6
38.242.238.22200 OK 84 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=20.6
IP 38.242.238.22:0
File type ASCII text, with very long lines (19579)
Hash fe77daf61052caa732f547f1aadef353
b7f4b8c0d42ac79f0947d8284b84f07bb38fdf5f
4125dd33c2a53e3951e3fd7f86ee47123865f340fcf9c8bc980354abfe562455
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/hammer.min.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-4d09"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=20.6
38.242.238.22200 OK 13 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=20.6
IP 38.242.238.22:0
File type ASCII text, with very long lines (12685)
Hash d91c84c653b746eb0cc6e6af85c21714
f020e2eb38abc29a7bba8854456ec650407f63e2
f2b43863ddacb916783f20069669a398e839e4c1fcdf3c78418fbc147f1f8196
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/picker.date.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-31ec"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=20.6
38.242.238.22200 OK 9.7 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=20.6
IP 38.242.238.22:0
File type Unicode text, UTF-8 text, with very long lines (22399)
Hash d3a48883f26752a309e885527d1395a2
28ec018067d73739aaa05c2c8c3faf79da70018b
8d56ed96398aa9910302e4a1dae424f5abc90d5438ed34956921b9ad3c88ec79
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/intlTelInput.min.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-5aac"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QZZaGtGl3Z-4G4DxO4R_gjfDdQVgJc30Ur9EyLAvbGFhv4LfaXziPQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:21:58 GMT
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
age: 32114
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df397b10a8e03cec7f74cd8f0fbb4e6e
625e8a1b7e865def8861e194ac754c486cd374e7
6bafab2eaac6814dd4c0f2155119f71e01cf6ecd602d51fa5d5e547db3588705
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefcc19e1-75f3-4a6f-8686-3308f93dd409.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7574
x-amzn-requestid: e330d010-6465-47c6-b45f-b25a6de84f9d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A16GjsIAMFYgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f2-17ca5566719117874cb6a6d0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZY9VS9LrhC7G6wGv-_gNBLk_cxGc3a92IFAhsck20B73dCt8LXmYBQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:52:38 GMT
age: 33874
etag: "625e8a1b7e865def8861e194ac754c486cd374e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/lib/bootstrap.min.js?ver=1.0.42
38.242.238.22200 OK 18 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/lib/bootstrap.min.js?ver=1.0.42
IP 38.242.238.22:0
File type ASCII text, with very long lines (28928)
Hash 318fba56460f12eeaa3fd0d67af8603e
a3728ca15d0cf8958a75bde0239f3b4810e5ba5f
87377a9b83f42a074cf218fff2d864325e95cdaf8349b483807bf7a6ca2c6e77
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/lib/bootstrap.min.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-71a9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f491398239265c63ac162d47ab006ce6
c95e1bba76e910100e86f8abf789e5b5c1a2baa6
cdada2d9608e9d3f8e03cf9ced211550b6f7c8f7e0b5ee027a96f45af38523f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _7YOm38n8-T2LAL-cRA7R8KvEUBhXEM0dOXjOZ6HyPRNfMu6Z0Fh3g==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:10:03 GMT
age: 32829
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=20.6
38.242.238.22200 OK 76 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=20.6
IP 38.242.238.22:0
File type ASCII text, with very long lines (9022)
Hash f49f9886fbc548b4fd22fc34500386a5
77e9985fbe5ae455196610b670ae6779db558f34
aa67689d8a8430384ae5cd3eaa84ac93c321b574109de29ba232f787ca512123
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/ladda.min.css?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-23e0"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/favicon.ico
38.242.238.22200 OK 114 kB URL HTTP/2 demo2.jovenesvip.com/favicon.ico
IP 38.242.238.22:0
File type MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size 114 kB (113459 bytes)
Hash 1db747255c64a30f9236e9d929e986ca
384023452346aa087d40c93c23ca2f5e32ff1b1f
88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544
GET /favicon.ico HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:12 GMT
content-type: image/vnd.microsoft.icon
content-length: 113459
last-modified: Wed, 10 Nov 2021 22:36:14 GMT
etag: "618c495e-1bb33"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.customInput.js?ver=1.0.42
38.242.238.22200 OK 1.9 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.customInput.js?ver=1.0.42
IP 38.242.238.22:0
Hash 91b112d145206c36e2d9b4c6ab41a357
7db7d80bc6b91f76e14acdbf48eaf86cdf410414
7b2a685f10bbfafa75e3803cf977a13e8036891458d4ac275fbb3def0239f265
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/jquery.customInput.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-d9c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.parallax.js?ver=1.0.42
38.242.238.22200 OK 57 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.parallax.js?ver=1.0.42
IP 38.242.238.22:0
Hash 85be02aa20c9629d54999e620ce9616b
f3461fd8790b2af118e5336714ca6ad09a5a60da
08e50468d62d775c4caee2f6888d90da752f5905450e654d8711254898b76f6a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/jquery.parallax.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-6cc"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
38.242.238.22200 OK 1.8 kB URL HTTP/2 demo2.jovenesvip.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 38.242.238.22:0
File type ASCII text, with very long lines (5477)
Hash 94b8bef9e2b21c6a265030d0cdf4f12f
208b87bbe3b7658d17327924daa8191856948e5b
2fda46e833fb98e292284ec1207e7af4d83047bc53f3dfa546d38928f01f81a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:44 GMT
vary: Accept-Encoding
etag: W/"6212b46c-15fd"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/5/init_embed.js
142.250.74.99200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/5/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2599)
Hash 3b38dae0a22ba85304bbd1ccc52f824f
7e7fc5d0a6497b36fb61f41c27d6c45809a78a96
45c770bc2fad26fe42afed3baabed5fe1e2557e2942fdd2a97d0f5c675137cea
GET /maps-api-v3/embed/js/51/5/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 70281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 18:55:11 GMT
expires: Thu, 11 Jan 2024 18:55:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 03:06:00 GMT
content-type: text/javascript
age: 562921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.3200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.3:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 12:53:47 GMT
expires: Tue, 16 Jan 2024 12:53:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 152605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo1.jovenesvip.com/wp-content/plugins/gtranslate/flags/16/en.png
38.242.238.22200 OK 707 B URL HTTP/2 demo1.jovenesvip.com/wp-content/plugins/gtranslate/flags/16/en.png
IP 38.242.238.22:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash e4896565595fc22e344fd619c0ed15bb
43d4481a4cc3e60b406b2467b5f7e576fcbae260
c3a4cb8f32ef0cd89e6429d40d1faebd359e02e34d69764052c8402a391e9a00
GET /wp-content/plugins/gtranslate/flags/16/en.png HTTP/1.1
Host: demo1.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:12 GMT
content-type: image/png
content-length: 707
x-accel-version: 0.01
last-modified: Thu, 31 Mar 2022 21:41:37 GMT
etag: "2c3-5db8a86d56c0e"
accept-ranges: bytes
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
38.242.238.22200 OK 64 kB URL HTTP/2 demo2.jovenesvip.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 38.242.238.22:0
File type ASCII text, with very long lines (15660)
Hash 45fd717b58832696ccba9cf96945e8f0
a6bcb09ef2ddfb457ba5137ca26e4cb8602dbb27
6cd59f25288f35e5f0f1f88ffccb86744386ec83ee38ddd140ed484aebaeff34
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:13:32 GMT
vary: Accept-Encoding
etag: W/"6305f9cc-48b9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=20.6
38.242.238.22200 OK 20 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=20.6
IP 38.242.238.22:0
File type ASCII text, with very long lines (20761), with no line terminators
Hash a4e611af852487b883fc2daf91fd4f93
7fbaeafb0376dd1b1052e5f32ee08c343c8f2261
962b93b04fc4b27869fdf3bc06f8574da7bb8fc7a99d64a0efd14c21e81e0b7b
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/intlTelInput.css?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-5119"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/images/checkbox.png
38.242.238.22200 OK 2.9 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/images/checkbox.png
IP 38.242.238.22:0
File type PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 34e958af1e79176f92991fd6de2a5f5f
dd6922083f24778bdf0e30cd487bea71b236a9c8
08893b609ca826c5c99ee2d23e75325154567190922db56e3257d154a1adb892
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/images/checkbox.png HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; gt_auto_switch=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:13 GMT
content-type: image/png
content-length: 2911
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
etag: "6212b448-b5f"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/uploads/pum/pum-site-styles.css?generated=1661337404&ver=1.16.7
38.242.238.22200 OK 21 kB URL HTTP/2 demo2.jovenesvip.com/wp-content/uploads/pum/pum-site-styles.css?generated=1661337404&ver=1.16.7
IP 38.242.238.22:0
File type ASCII text, with very long lines (7444), with CRLF, LF line terminators
Hash 4e6ed19a82a237bef911800a5d66c9b7
d50ab92fdf75f2c6c7ebd76de63ba908873a3f9d
037fdf73bea68866eb66c9ccee29545fe4c98be87c1dcaac8953ce9382ef63c1
GET /wp-content/uploads/pum/pum-site-styles.css?generated=1661337404&ver=1.16.7 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 10:36:44 GMT
vary: Accept-Encoding
etag: W/"6305ff3c-4943"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-json/pum/v1/analytics/?event=open&pid=1431&_cache=1674026233052
38.242.238.22204 No Content 0 B URL HTTP/2 demo2.jovenesvip.com/wp-json/pum/v1/analytics/?event=open&pid=1431&_cache=1674026233052
IP 38.242.238.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-json/pum/v1/analytics/?event=open&pid=1431&_cache=1674026233052 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; gt_auto_switch=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 18 Jan 2023 07:17:14 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: noindex
link: <https://demo2.jovenesvip.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 928e970121a035e9f8d537e4bfe6bf5c
ce4aadc6b3500508d1c4b42b76f09be4414b6eee
2da1438b17cf05aed64e565350dcc706420f2bae7e8c5e36d1b5bad38248c275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 5b743b27-b6d4-4d98-9984-3a5e17cb28e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1xH8BIAMFuZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f1-2f1031db0871abae4760d5b6;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: smM0mXHWYzOZzuSEzRIAzz6WEJEFNI0ysTBFSz1P_gcZMdEwfxSEYA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:52:59 GMT
age: 33860
etag: "ce4aadc6b3500508d1c4b42b76f09be4414b6eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.touchSwipe.min.js?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.touchSwipe.min.js?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/jquery.touchSwipe.min.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-2a32"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/lazysizes.min.js?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/lazysizes.min.js?ver=1.0.42
IP 38.242.238.22:0
GET /wp-content/themes/the-core-parent/js/lazysizes.min.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-681e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/bootstrap.css?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/bootstrap.css?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/css/bootstrap.css?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-1e075"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/animate.css?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/animate.css?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/css/animate.css?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-11a43"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/jquery.mmenu.all.css?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/css/jquery.mmenu.all.css?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/css/jquery.mmenu.all.css?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-b763"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.2.3
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.2.3
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.2.3 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Thu, 31 Mar 2022 21:38:43 GMT
vary: Accept-Encoding
etag: W/"62461f63-131e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 38.242.238.22:0
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:13:32 GMT
vary: Accept-Encoding
etag: W/"6305f9cc-43b3"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.date.css?ver=20.6
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.date.css?ver=20.6
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.date.css?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-1112"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/scrollTo.min.js?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/scrollTo.min.js?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/scrollTo.min.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-8cd"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.27
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.27
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/unyson/framework/static/libs/font-awesome/css/font-awesome.min.css?ver=2.7.27 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 10:13:12 GMT
vary: Accept-Encoding
etag: W/"6305f9b8-7918"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1661337404&ver=1.16.7
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1661337404&ver=1.16.7
IP 38.242.238.22:0
GET /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1661337404&ver=1.16.7 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:36:44 GMT
vary: Accept-Encoding
etag: W/"6305ff3c-1101b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=20.6
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=20.6
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/picker.classic.css?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-66f"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/page-transition.js?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/page-transition.js?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/page-transition.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-a0a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.1
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.1
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.1 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Thu, 31 Mar 2022 21:45:11 GMT
vary: Accept-Encoding
etag: W/"624620e7-c22"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/
38.242.238.22200 OK 0 B IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://demo2.jovenesvip.com/wp-json/>; rel="https://api.w.org/", <https://demo2.jovenesvip.com/wp-json/wp/v2/pages/1056>; rel="alternate"; type="application/json", <https://demo2.jovenesvip.com>; rel=shortlink
set-cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr; path=/; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3
IP 38.242.238.22:0
GET /wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 10:12:57 GMT
vary: Accept-Encoding
etag: W/"6305f9a9-981e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.prettyPhoto.js?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.prettyPhoto.js?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/jquery.prettyPhoto.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-a671"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/css/customer_profile.css?ver=2.0
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/css/customer_profile.css?ver=2.0
IP 38.242.238.22:0
GET /wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/css/customer_profile.css?ver=2.0 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Wed, 10 Nov 2021 22:36:15 GMT
vary: Accept-Encoding
etag: W/"618c495f-5b8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.2.3
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.2.3
IP 38.242.238.22:0
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.2.3 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Thu, 31 Mar 2022 21:38:43 GMT
vary: Accept-Encoding
etag: W/"62461f63-a6b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=20.6
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=20.6
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/css/bookly-main.css?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: text/css
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-8e65"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/js/customer_profile.js?ver=2.0
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/js/customer_profile.js?ver=2.0
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-addon-pro/frontend/modules/customer_profile/resources/js/customer_profile.js?ver=2.0 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:15 GMT
vary: Accept-Encoding
etag: W/"618c495f-49d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 38.242.238.22:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:44 GMT
vary: Accept-Encoding
etag: W/"6212b46c-15db1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=20.6
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=20.6
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bookly-responsive-appointment-booking-tool/frontend/resources/js/ladda.min.js?ver=20.6 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Sun, 20 Feb 2022 21:36:08 GMT
vary: Accept-Encoding
etag: W/"6212b448-ea9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CCrimson+Text%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%7CFira+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.4
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CCrimson+Text%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%7CFira+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.4
IP 142.250.74.106:0
GET /css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CCrimson+Text%3Aregular%2Citalic%2C600%2C600italic%2C700%2C700italic%7CFira+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Jan 2023 07:17:11 GMT
date: Wed, 18 Jan 2023 07:17:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.easeScroll.js?ver=1.0.42
38.242.238.22200 OK 0 B URL HTTP/2 demo2.jovenesvip.com/wp-content/themes/the-core-parent/js/jquery.easeScroll.js?ver=1.0.42
IP 38.242.238.22:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-core-parent/js/jquery.easeScroll.js?ver=1.0.42 HTTP/1.1
Host: demo2.jovenesvip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://demo2.jovenesvip.com/
Cookie: PHPSESSID=jgjmvf8sfir64kal7s8bsnobdr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 07:17:11 GMT
content-type: application/javascript
last-modified: Wed, 10 Nov 2021 22:36:17 GMT
vary: Accept-Encoding
etag: W/"618c4961-2c6d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2