r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6886
Expires: Wed, 29 Mar 2023 13:24:36 GMT
Date: Wed, 29 Mar 2023 11:29:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2628
Expires: Wed, 29 Mar 2023 12:13:38 GMT
Date: Wed, 29 Mar 2023 11:29:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2522
Expires: Wed, 29 Mar 2023 12:11:52 GMT
Date: Wed, 29 Mar 2023 11:29:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 11:28:09 GMT
content-type: application/json
age: 101
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: va8sWrkRLBeEnSB6Wi6vbPz9H8ZcedSbm+Zou09I61GcbFZwrL0xFWCk8hMo3M0BHCAEyeSVRpE=
x-amz-request-id: 2SXFJ29D7DKM9D38
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 10:56:36 GMT
age: 1994
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
kbbldservices.com/
151.101.194.159301 Moved Permanently 162 B IP 151.101.194.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://kbbldservices.com/
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: sof3ee59ur
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Wed, 29 Mar 2023 11:29:50 GMT
X-Served-By: cache-bma1671-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1680089391.630151,VS0,VE266
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 11:29:50 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a740252e7b24892a3e34f6dfed6e3bde
d44d21abb95edd1ccc775632254f11ee94fb585e
e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94"
Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12528
Expires: Wed, 29 Mar 2023 14:58:39 GMT
Date: Wed, 29 Mar 2023 11:29:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, ETag, Alert, Last-Modified, Retry-After, Content-Length, Pragma, Backoff, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 11:14:36 GMT
age: 915
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vVWoKUanVzZ9mj2+O1lvUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T1LqFm1wxmWiCjmdwF9hgblUync=
Date: Wed, 29 Mar 2023 11:29:51 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
kbbldservices.com/
151.101.194.159200 OK 9.8 kB IP 151.101.194.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash f6c9950333f7828970bd4f807d71d538
77eea2bf5d36db566738dd858bf49d47c7fd621b
22e49e3b0bb87f2a1e7f6caeb2e07acaf57fb450d0c52bfd5befc4464c67c06d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://kbbldservices.com/wp-json/>; rel="https://api.w.org/", <https://kbbldservices.com/wp-json/wp/v2/pages/48>; rel="alternate"; type="application/json", <https://kbbldservices.com/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: sof3ee59ur
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089391.963091,VS0,VE638
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 9844
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/modernizr.custom.js
151.101.194.159200 OK 4.2 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/modernizr.custom.js
IP 151.101.194.159:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (8820)
Hash 66de5c66921900d17bf99bbb345b8794
b580a0501b4c1815b21e2150d267fdb7f6bdfea8
1c1d2adf93bff7782921f4f8c809fa8795506fc956dd096463313269f41b847d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/modernizr.custom.js HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jun 2018 11:09:17 GMT
etag: W/"5b2a35dd-232b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089392.714887,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4152
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/classie.js
151.101.194.159200 OK 718 B URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/classie.js
IP 151.101.194.159:0
Hash e1091070fd806ffe5014a6a6e6727fa4
971198778d690c8ef846cdcbc4689d85f600853d
8b3b7c557c6a882e710665ba6a197bc0b7ca1046b4b025be9a3ba022d8d8ca34
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/classie.js HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jun 2018 11:09:15 GMT
etag: W/"5b2a35db-72b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089392.714829,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 718
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/mlpushmenu.js
151.101.194.159200 OK 4.1 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/mlpushmenu.js
IP 151.101.194.159:0
File type ASCII text, with very long lines (2051)
Hash 9b945e1ad8fb3d190dc6d73a18f027f0
f779033ccfff2d506d835c7741c8a5beb44ba27d
d6282fed97b9a62f8851b72d58a869a0ef59a4878e4610e02c05c493df4b24ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/mlpushmenu.js HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jun 2018 11:09:16 GMT
etag: W/"5b2a35dc-2733"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089392.715410,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4055
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/jquery.cycle2.min.js
151.101.194.159200 OK 7.8 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/jquery.cycle2.min.js
IP 151.101.194.159:0
File type ASCII text, with very long lines (10280)
Hash a72ef0dbc9a65ce7ebeb5a61468ce1c9
2e6cb63a1f18c10a0fd066297f710058c29d6d30
4137357e5db614405b03e85580b145cda1793fb2c89b0573a8c84cffb0a9ef57
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/jquery.cycle2.min.js HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jun 2018 11:09:16 GMT
etag: W/"5b2a35dc-59a1"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089392.715890,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7756
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/jquery.cycle2.swipe.min.js
151.101.194.159200 OK 540 B URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/jquery.cycle2.swipe.min.js
IP 151.101.194.159:0
File type ASCII text, with very long lines (1212)
Hash 83b8401e9cfecc5acb8350efa51efabd
57c1f84ea9a6a4e892e15be4c8c468c3cdbd302d
73bd9db209a999d938a33f323cf6ffde08c503539940639f9e76189b6a840ea2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/jquery.cycle2.swipe.min.js HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jun 2018 11:09:16 GMT
etag: W/"5b2a35dc-4fc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089392.716514,VS0,VE5
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 540
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/init.js?v1.02
151.101.194.159200 OK 416 B URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/init.js?v1.02
IP 151.101.194.159:0
Hash 6d5de2159f4dd6bef46f952f39ae7354
ade6478b4cda3f26aaa97525f417eda140209311
0ee01e1a2ac214cb94cc65be428345590bd7af8b5168621081936212253245ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/init.js?v1.02 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jun 2018 11:09:15 GMT
etag: W/"5b2a35db-36a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089392.721646,VS0,VE2
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 416
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/fancybox/jquery.fancybox.min.js
151.101.194.159200 OK 22 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/fancybox/jquery.fancybox.min.js
IP 151.101.194.159:0
File type Unicode text, UTF-8 text, with very long lines (32014)
Hash 41b15d49958e277c1fb1cb8c1b24385d
4d32eeed105f7731a9ec717960a9999bf73776ea
39b25ab603cdab56eea4e7e633ed99dfa040217014012b9d93023baa7fe588db
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/fancybox/jquery.fancybox.min.js HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jun 2018 11:09:20 GMT
etag: W/"5b2a35e0-f0c4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089392.721379,VS0,VE4
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 22016
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e10c0c62a68346a599a245ad2d85fbbe
a79383efdb28292b6e2112da2344915a97eb7888
b239a83a0672895d5960617bba31f4404a4c103eec12d4e975aaf51204e1f953
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:29:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-121086762-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-121086762-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 00abe68c2df19a950952822536bf40f7
66bcadcbcfb4428e63ad91b2a72050c4c62b29d1
34076047000e6e482938fb92c4cfe6c33b8c7865077aca5f8cbe977f477df670
GET /gtag/js?id=UA-121086762-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kbbldservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Mar 2023 11:29:51 GMT
expires: Wed, 29 Mar 2023 11:29:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kbbldservices.com/wp-includes/css/classic-themes.min.css?ver=1
151.101.194.159200 OK 189 B URL HTTP/2 kbbldservices.com/wp-includes/css/classic-themes.min.css?ver=1
IP 151.101.194.159:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-d9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: sof3ee59ur
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.708929,VS0,VE122
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 189
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/fancybox/core.css
151.101.194.159200 OK 3.4 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/fancybox/core.css
IP 151.101.194.159:0
File type ASCII text, with very long lines (330)
Hash a672af9d70247ca52ca568bc7261ccad
c589deb8fb5ad53fb5d41d387446c218c3800f16
990971cbff1b5129b6fbf03de5b51806afece988d1b87fb49399af605689b249
GET /wp-content/themes/kb-building-services/includes/fancybox/core.css HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 20 Jun 2018 11:09:20 GMT
etag: W/"5b2a35e0-310a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.706539,VS0,VE126
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3352
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
151.101.194.159200 OK 8.5 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
IP 151.101.194.159:0
File type ASCII text, with very long lines (453)
Hash 59231c3c4cc41ea8220c499d185eb979
acbfd222413026fc0c319d74db4446532628f774
efb7922de46644b58aeaf0f4fdc036548c1df43648885ef6aa8cce4a629c0cb9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/style.css?ver=1649188794 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 05 Apr 2022 19:59:54 GMT
etag: W/"624c9fba-9882"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.710711,VS0,VE124
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8495
X-Firefox-Spdy: h2
kbbldservices.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
151.101.194.159200 OK 4.4 kB URL HTTP/2 kbbldservices.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 151.101.194.159:0
File type ASCII text, with very long lines (11126)
Hash 24957bc8161f979c6e661f46fdc3974f
fa1237ffe8b3745baa78ac481239038e133fcc17
46acf87c90961d413ac24eace25b77a8d5236daf38799fec2daf0bc350cc6ebe
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-2bd8"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: sof3ee59ur
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.712079,VS0,VE123
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 4405
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/normalize.css?ver=1.0
151.101.194.159200 OK 2.8 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/normalize.css?ver=1.0
IP 151.101.194.159:0
Hash ae7c238a94f86b9e5010a330791af08e
690d517a657907b300f9deae294cd2a3bdcbaa38
d9a8c4123db4f262c3f350c71e40dae1bbc82b948b31afe6dbcf4891c781491f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/normalize.css?ver=1.0 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 20 Jun 2018 11:09:03 GMT
etag: W/"5b2a35cf-236a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.709695,VS0,VE126
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 2755
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e10c0c62a68346a599a245ad2d85fbbe
a79383efdb28292b6e2112da2344915a97eb7888
b239a83a0672895d5960617bba31f4404a4c103eec12d4e975aaf51204e1f953
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:29:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kbbldservices.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
151.101.194.159200 OK 34 kB URL HTTP/2 kbbldservices.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 151.101.194.159:0
File type ASCII text, with very long lines (65447)
Hash 0f9984c60ff89c58395cad7c309f7baf
5f44ff87ee19e1427a7dfcfb079ab88273e2af1f
0dddffc97ab66c2cf2dd615f7f6ca217b8f8eadaa4e8224c2c7d4447878444e7
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-15e54"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: sof3ee59ur
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.711294,VS0,VE133
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34161
X-Firefox-Spdy: h2
kbbldservices.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
151.101.194.159200 OK 15 kB URL HTTP/2 kbbldservices.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 151.101.194.159:0
File type ASCII text, with very long lines (47826)
Hash 494d5da4270464f0f04720e2d2274891
aa632853200ab33d1ac163033782a89b35ab74a5
4db474d81bc40165336350d9d3de98277cc7c49aa4d9096d451255749e99595b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-172a9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: sof3ee59ur
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:51 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.707947,VS0,VE249
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 14912
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/print.css?ver=1.0
151.101.194.159200 OK 342 B URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/print.css?ver=1.0
IP 151.101.194.159:0
File type troff or preprocessor input, ASCII text
Hash 9b507729e033a663f26cf61b261f487f
6d22a476a27984f444b93226f3e29acb4e55dc9c
5ce45edc4dc2b6c7f6e0d71eecc92d350c8b11e252f8b8fe0f185e8e4ae3e80c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/print.css?ver=1.0 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 20 Jun 2018 11:09:04 GMT
etag: W/"5b2a35d0-276"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.993694,VS0,VE124
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 342
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.12.1
151.101.194.159200 OK 3.5 kB URL HTTP/2 kbbldservices.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.12.1
IP 151.101.194.159:0
File type ASCII text, with very long lines (1571)
Hash c49f2ad4638c17c98d534e8732d2c557
bbf4b6c92c33bac0cd2f20b9b44b26c841729359
808be5f0d83e7bde3a865198e1c9553c443bd8ab95fe13a377d5446f8371ccd3
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.12.1 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 13:28:04 GMT
etag: W/"63e10064-2e3b"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.713208,VS0,VE488
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 3479
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/i/balloon.png
151.101.194.159200 OK 22 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/i/balloon.png
IP 151.101.194.159:0
File type PNG image data, 600 x 449, 8-bit/color RGBA, non-interlaced\012- data
Hash a599591737b05c7e142adb50b4472254
49ce32425793cd6939048c298945467bd6ed7c90
d1ae0a23dcaa5e68054178ecc6556a95606183b6dd29aeb2a7703cbcf67bf995
GET /wp-content/themes/kb-building-services/i/balloon.png HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 20 Jun 2018 11:09:10 GMT
etag: W/"5b2a35d6-5b47"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.243124,VS0,VE127
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 22300
X-Firefox-Spdy: h2
kbbldservices.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
151.101.194.159200 OK 5.5 kB URL HTTP/2 kbbldservices.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 151.101.194.159:0
File type ASCII text, with very long lines (15660)
Hash 17db16eba9de064a60b18a592b36634a
82fc955209623803111e48d5be3cf345315be6f5
1144901adf4e1d54838e6e04a2b75314f3b95518ee654d8c1742af50e355b433
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 20:31:33 GMT
etag: W/"6373f725-48b9"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
cache-control: public, max-age=31536000
x-fw-hash: sof3ee59ur
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.897472,VS0,VE482
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 5515
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/ProximaNovaRegular.woff2
151.101.194.159200 OK 38 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/ProximaNovaRegular.woff2
IP 151.101.194.159:0
File type Web Open Font Format (Version 2), TrueType, length 37920, version 1.0\012- data
Hash f8bbe91b192afe56ba7b557dce47ac3c
b3a76d62f97f1c080c68c88fbe2c4abbdb574783
c3d3c3c42792a71d2571e133f2498054e4790d1cdd1f6f07aa52654ee53044c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/fonts/ProximaNovaRegular.woff2 HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Wed, 20 Jun 2018 11:09:27 GMT
etag: "5b2a35e7-9420"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.244727,VS0,VE133
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 37920
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2018/06/slide-3.jpg
151.101.194.159200 OK 63 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2018/06/slide-3.jpg
IP 151.101.194.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x623, components 3\012- data
Hash bc153bf6d88c6585b5796dfd0010720b
df74b9db7f01baf3a5b24cb84c0c67d81896b5e2
cd0d0b928dafa7b18bbe9225a27fee2617c5c1a96eac95e50a1be50f2c7b2743
GET /wp-content/uploads/2018/06/slide-3.jpg HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 20 Jun 2018 10:51:10 GMT
etag: W/"5b2a319e-fc19"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.241460,VS0,VE143
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 63233
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2018/06/bg-1.jpg
151.101.194.159200 OK 114 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2018/06/bg-1.jpg
IP 151.101.194.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x627, components 3\012- data
Size 114 kB (114078 bytes)
Hash eb2839b18e5f762058903e320acabd2c
06d926e7e873376bef679061ca5ab8e904532ba5
dec60d4b9a1727ad2a3f63bd067eff02f354cded25ee5122340664259f35a4c7
GET /wp-content/uploads/2018/06/bg-1.jpg HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 20 Jun 2018 10:49:20 GMT
etag: W/"5b2a3130-1c2cc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.241943,VS0,VE158
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 114078
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2018/06/logo.png
151.101.194.159200 OK 7.4 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2018/06/logo.png
IP 151.101.194.159:0
File type PNG image data, 265 x 139, 8-bit colormap, non-interlaced\012- data
Hash 9f391811630264c06f5cd015f886890d
f370460ef86d899adc23931e3e85128d5453d8df
41889d54086e6647bf4c68bcb57c092ad521370fc2c3a7cf9818b30ab2d6fcb3
GET /wp-content/uploads/2018/06/logo.png HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 20 Jun 2018 10:50:53 GMT
etag: W/"5b2a318d-1cd4"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.299036,VS0,VE125
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 7408
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/proxima_nova-light-webfont.woff
151.101.194.159200 OK 26 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/proxima_nova-light-webfont.woff
IP 151.101.194.159:0
File type Web Open Font Format, TrueType, length 26388, version 1.0\012- data
Hash 34b171c834f615160cb3ef1fc74aa7b9
0e2e81675d44791f1775f6d09a2b4541aad70abb
046db1c0cc3211e9674fe064d21f52d84d0bfc0d7d8e248db58ad79c19d8882d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/fonts/proxima_nova-light-webfont.woff HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Wed, 20 Jun 2018 11:09:28 GMT
etag: "5b2a35e8-6714"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.250409,VS0,VE241
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 26388
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2018/06/KB-vans.jpg
151.101.194.159200 OK 102 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2018/06/KB-vans.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x623, components 3\012- data
Size 102 kB (101745 bytes)
Hash e7a9b3eea2df1108f536c30d935de7d7
0876fd6972119481acf59f7d42d9d01e9cb6a24a
76ce6be9f0e4705f3c3319528254f197b61554189c5b6149d41f02052d1ac27a
GET /wp-content/uploads/2018/06/KB-vans.jpg HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 20 Jun 2018 10:50:48 GMT
etag: W/"5b2a3188-18de2"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.240463,VS0,VE252
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 101745
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/proxima_nova-semibold-webfont.woff
151.101.194.159200 OK 27 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/proxima_nova-semibold-webfont.woff
IP 151.101.194.159:0
File type Web Open Font Format, TrueType, length 26724, version 1.0\012- data
Hash eae01994815c6fc496a4cedd805379fb
dcfbf2859813fe0575138b3c5ad246acff0e766c
dcb1dd7eac2331cbc729cadeadd2d0a7ff0159e77889616b83d16b56aadd97fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/fonts/proxima_nova-semibold-webfont.woff HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Wed, 20 Jun 2018 11:09:29 GMT
etag: "5b2a35e9-6864"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.248936,VS0,VE247
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 26724
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2018/06/thumbnail-3.jpg
151.101.194.159200 OK 34 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2018/06/thumbnail-3.jpg
IP 151.101.194.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 366x244, components 3\012- data
Hash a477a8cc17192da101bdc9629432674a
451d1874bc6176b681fb7da0a4a9e5fc0fc5ed6f
80c9de185efa18dc6729536457498c80231dfed910d404a19fcea0dc066c141f
GET /wp-content/uploads/2018/06/thumbnail-3.jpg HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 20 Jun 2018 10:51:24 GMT
etag: W/"5b2a31ac-82fc"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.300962,VS0,VE246
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 33524
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2018/06/KB-clean.jpg
151.101.194.159200 OK 76 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2018/06/KB-clean.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x623, components 3\012- data
Hash b0af75ecd3238d3d0e6bf733a4091aae
1e5fbffbef4a10f2c302144fa4acd60c1e65839f
ca00180538fdb397edc11658d8f99aea5865b021d3eccde4d0698d240e087d9f
GET /wp-content/uploads/2018/06/KB-clean.jpg HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 20 Jun 2018 10:50:36 GMT
etag: W/"5b2a317c-129d5"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.239661,VS0,VE368
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 75708
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2019/06/Randi-OPT.png
151.101.194.159200 OK 90 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2019/06/Randi-OPT.png
IP 151.101.194.159:0
File type PNG image data, 710 x 585, 8-bit colormap, non-interlaced\012- data
Hash 8b48bb9fef2517c27d680bddb95d4869
183a12c56f2ef9398f02e7edd00a7c10c12ce21e
1fc81c459e3d1fc18725bf27f6471f3f61012bcfd5fba126f388809b8a520ed5
GET /wp-content/uploads/2019/06/Randi-OPT.png HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 13 Jun 2019 16:58:28 GMT
etag: W/"5d0280b4-15f02"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.301649,VS0,VE373
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 89645
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2019/06/Autumn-OPT.png
151.101.194.159200 OK 149 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2019/06/Autumn-OPT.png
IP 151.101.194.159:0
File type PNG image data, 710 x 585, 8-bit colormap, non-interlaced\012- data
Size 149 kB (148795 bytes)
Hash 7eea76435fe1605f1746212f168f7ece
e3753af13188b25730437716208291c3c66d7d6a
89c7f2b72d404a46dc96fcce852b511c7314f4ffb9faea3f86f38f70656530c8
GET /wp-content/uploads/2019/06/Autumn-OPT.png HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 13 Jun 2019 16:58:41 GMT
etag: W/"5d0280c1-244f7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.479942,VS0,VE250
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 148795
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/proxima-nova-bold-webfont.woff
151.101.194.159200 OK 26 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/proxima-nova-bold-webfont.woff
IP 151.101.194.159:0
File type Web Open Font Format, TrueType, length 25872, version 1.0\012- data
Hash cb453bb17037cb6f97ad07de9c27800a
a3abea00774e7ddbccb01d8a8a7c0d82f82d1018
05cfeabdee524307026fe28d47682283dfa0d1236092b25ea8f5a90eaf10504f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/fonts/proxima-nova-bold-webfont.woff HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
last-modified: Wed, 20 Jun 2018 11:09:24 GMT
etag: "5b2a35e4-6510"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.246388,VS0,VE598
vary: Authorization
x-fw-serve: TRUE
x-fw-static: YES
access-control-allow-origin: *
x-fw-type: VISIT
content-length: 25872
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/MuseoSans_900.ttf
151.101.194.159200 OK 25 kB URL HTTP/2 kbbldservices.com/wp-content/themes/kb-building-services/includes/fonts/MuseoSans_900.ttf
IP 151.101.194.159:0
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Hash 812df407aedbbf31de458afac1123fa3
b535e4f5d4ac1e94086953299a1b258077cf5529
b699858697b1db210478e76bd76ee93b4a1d96c2900d9a7c8c26b03bd2574387
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kb-building-services/includes/fonts/MuseoSans_900.ttf HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/wp-content/themes/kb-building-services/style.css?ver=1649188794
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Wed, 20 Jun 2018 11:09:23 GMT
etag: "5b2a35e3-e69c"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.253256,VS0,VE605
vary: Authorization, Accept-Encoding
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 25116
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2019/11/KB_Team-1-366x244.jpg
151.101.194.159200 OK 21 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2019/11/KB_Team-1-366x244.jpg
IP 151.101.194.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 366x244, components 3\012- data
Hash 529001e3cd4f71acac6b839df017cbf3
d0c1450d2c5f355697572743d814d750bdb6acda
d2b8b75bb7d6692cfec3d95448884f6610ddc8ba613ff982db61fec189334aed
GET /wp-content/uploads/2019/11/KB_Team-1-366x244.jpg HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 06 Nov 2019 13:24:37 GMT
etag: W/"5dc2c995-5366"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.299549,VS0,VE602
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 21040
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2018/06/thumbnail-2.jpg
151.101.194.159200 OK 34 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2018/06/thumbnail-2.jpg
IP 151.101.194.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 366x244, components 3\012- data
Hash 028a4c92255865f9290be5c064458fb7
ad38b3fe110be8a84afbfed0dfbe524cea1b9dfb
9e1a2254c0908855ad411c71f126ec8f7b45c1363dfb51f37ec7cd23f7b74e1b
GET /wp-content/uploads/2018/06/thumbnail-2.jpg HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Wed, 20 Jun 2018 10:51:24 GMT
etag: W/"5b2a31ac-862e"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089392.300261,VS0,VE609
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 34349
X-Firefox-Spdy: h2
kbbldservices.com/wp-content/uploads/2022/11/cropped-KB-Logo-for-Favicon-32x32.png
151.101.194.159200 OK 881 B URL HTTP/2 kbbldservices.com/wp-content/uploads/2022/11/cropped-KB-Logo-for-Favicon-32x32.png
IP 151.101.194.159:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 63a7cf9a18947a796391e1dfcf325654
13542357ede772bd298129c9a8ca48fbfd35875d
39bdef5441f80e695686fbe2ec0dce2bd25cd97c775746d9037bcb509170c544
GET /wp-content/uploads/2022/11/cropped-KB-Logo-for-Favicon-32x32.png HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 18 Nov 2022 18:36:06 GMT
etag: W/"6377d096-35a"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:52 GMT
x-served-by: cache-bma1651-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680089393.924164,VS0,VE1
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 881
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kbbldservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 29 Mar 2023 10:05:11 GMT
expires: Wed, 29 Mar 2023 12:05:11 GMT
cache-control: public, max-age=7200
age: 5081
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7201
Expires: Wed, 29 Mar 2023 13:29:54 GMT
Date: Wed, 29 Mar 2023 11:29:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7201
Expires: Wed, 29 Mar 2023 13:29:54 GMT
Date: Wed, 29 Mar 2023 11:29:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7201
Expires: Wed, 29 Mar 2023 13:29:54 GMT
Date: Wed, 29 Mar 2023 11:29:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7201
Expires: Wed, 29 Mar 2023 13:29:54 GMT
Date: Wed, 29 Mar 2023 11:29:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7201
Expires: Wed, 29 Mar 2023 13:29:54 GMT
Date: Wed, 29 Mar 2023 11:29:53 GMT
Connection: keep-alive
kbbldservices.com/wp-content/uploads/2022/11/cropped-KB-Logo-for-Favicon-192x192.png
151.101.194.159200 OK 8.3 kB URL HTTP/2 kbbldservices.com/wp-content/uploads/2022/11/cropped-KB-Logo-for-Favicon-192x192.png
IP 151.101.194.159:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f6a0dc243467ab8bebe1f83c195641ab
8d2378f7f7b0f9103ec125117c19f37bb5838b53
fe27bd1036db6d9835983215cfdf3c951454aaeb957551a47ed773c662fa4ec6
GET /wp-content/uploads/2022/11/cropped-KB-Logo-for-Favicon-192x192.png HTTP/1.1
Host: kbbldservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kbbldservices.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Fri, 18 Nov 2022 18:36:06 GMT
etag: W/"6377d096-20ec"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: sof3ee59ur
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:29:53 GMT
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680089393.923488,VS0,VE129
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 8251
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 49518
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:37:00 GMT
age: 49973
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 23:09:21 GMT
age: 44432
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 49556
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: GiRkprg-C9719Vg2jIHR3ks1S9srN0yPXyO_qSCfqfLN7PmS8lmaFw==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:37:26 GMT
age: 49947
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6bd3d6c290e2be5effe451fddc92288
456c678dd0b64d84021c41383a534afeaa4d7af0
3d645c8b903b9f5593d068feb00b1c04cf8444ed78a292458e69d5c553cb1691
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 9a919196-e536-4ef7-a2b2-9637aa75abff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ceq6FGAJIAMF7Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64228b73-769c33f459c985ab427ed47b;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 06:38:43 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: EFPuF3xknmH1frUX8bIJXNMjLoHEk_0V9Jd5sNxj16MR5cun53Xe1A==
via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:30:02 GMT
age: 46791
etag: "456c678dd0b64d84021c41383a534afeaa4d7af0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab378a6531b886829e1762f72866500
9509f3e388d0f2627468b5ff8afd408eb19297a4
9535702379130bbc5e3439b2c226d3d8c51c6ee07690e64cbccf71e49085615c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9886
x-amzn-requestid: efa3e368-7941-467c-a4d7-f303b50a32a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK848FbOoAMFnXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa838-5357cad3565e7b230505442f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UjD8avDwm-zEFik18U34bWU06SOeb-fBjelZcoGyzcie0Z1CAj6JUQ==
via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 18:08:57 GMT
age: 62462
etag: "9509f3e388d0f2627468b5ff8afd408eb19297a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2